Dec 19, 2019
Announcing Remote Scanning for Tanium Comply: Identify Vulnerabilities On Any Connected DeviceBy Team Tanium
As 2018 comes to a close we are excited to announce the next major release of Tanium Comply, our security compliance and vulnerability management module. For the past two years Comply has enabled our customers to secure their Tanium managed endpoints with scalable and rapid visibility into misconfigurations and vulnerabilities. However, with the continued growth of IOT and other unmanageable endpoints within corporate networks, our customers have asked us to expand the ways Tanium provides insights into any connected device – even those that cannot run an agent. Tanium Comply now extends our vulnerability identification capability to any connected device at the speed of Tanium without requiring additional infrastructure.
The screenshot below shows summary metrics from a remote vulnerability scan and detailed results from a single host including: operating system, open ports, services, versions and identified vulnerabilities.
Organizations have employed traditional vulnerability scanning technologies for decades; however, unpatched vulnerabilities and misconfigurations continue to be considered ”low hanging fruit” for attackers to compromise corporate networks. Legacy technologies are slow, incomplete, expensive to manage and often fail to accurately determine risk based on a common understanding of an asset’s role. This frustrates organizations, which struggle to eliminate vulnerabilities and misconfigurations before they lead to security incidents.
Comply addresses these challenges through unparalleled agent-based visibility into operating system and application vulnerabilities, and provides the speed necessary to identify vulnerabilities within minutes of being released. Imagine reducing the time to scan for a vulnerability from a few weeks to a few minutes!
This Tanium Comply release extends our existing capabilities with three new features:
- Remote Scanning: Identify vulnerabilities on any connected device, even if it doesn’t have the Tanium agent, using a distributed scan methodology that can be parallelized environment-wide and doesn’t require additional infrastructure, firewall changes, or significant WAN bandwidth.
- Offline Device Reporting: Incomplete results, due to offline endpoints, have plagued vulnerability management processes for years and can provide a false sense of security if a vulnerable endpoint was offline at the time of a scan. Tanium Comply provides reports that are accurate and complete even if an endpoint isn’t currently online.
- Prevalence Reporting: Understanding risk is critical to a vulnerability program and helps prioritize remediation efforts when resources and time are limited. Tanium Comply introduces the concept of prevalence to identify vulnerability “hot spots” for remediation prioritization.
The screenshot below shows an example of prevalence reporting in a Windows server environment.
Comply empowers users to identify vulnerabilities on any device, prioritize risk across their environment and, with Tanium Core, Patch, Deploy, and Protect, remediate problems before they become breaches – leading to a secure and resilient enterprise.
Happy Holidays, and we look forward to communicating more exciting improvements next year!
To learn more about Comply and this latest release please reach out and schedule a demo today.