Quickly Identify and Respond to Emerging Issues With Tanium

Nearly 2000 software vulnerabilities are disclosed and exploited every month. This extreme volume of vulnerabilities forces IT teams to relentlessly prioritize fixes and live in a constant state of patch backlogs. However, every few months, a high-priority vulnerability will rise to the top, requiring the attention of everybody from security and operations to executives in the boardroom.

In the past 12 months alone, the industry has faced Log4Shell, PwnKit, Dirty Pipe, Spring4Shell, ProxyNotShell, and most recently, the OpenSSL vulnerability. As the digital frontier continues to evolve at the breakneck speed we are seeing, we can only expect this pattern of critical cybersecurity threats to continue to rise.

Quickly identifying your exposure to a critical vulnerability and having the ability to rapidly deploy targeted actions across the entire estate for mitigation and remediation is crucial.

Tanium can provide this at scale. And to enhance our capabilities even further, we’ve released proactive alerting and recommended actions for emerging issues in Tanium.

What are emerging issues?

Emerging issues are urgent vulnerabilities identified by the industry and validated by Tanium as having broad-reaching impact and should be addressed immediately.

Tanium alerts and emerging issues dashboards

We recently released a new platform capability that will notify users when an emerging issue is identified and vulnerable endpoints are found in their IT environment. This new feature will not only proactively surface insights but also allows customers to go from initial discovery to mitigation within minutes.

Alerts

Users will now receive notifications in Tanium Feed when vulnerable endpoints are discovered. Live scans of the environment help assure customers of real-time coverage as endpoints come online and are evaluated for the vulnerability.

Emerging issues dashboards

Navigating from the alert notification, the dashboard provides an immediate view of the vulnerability’s relevance to your specific environment. In a simple yet comprehensive dashboard, you can quickly answer the most pressing questions:

• What do I need to know about this critical vulnerability?
• How many of my endpoints are impacted by this emerging issue?
• What level of priority should I assign to this vulnerability?
• How quickly can I expect to mitigate my risk exposure?
• What other reference materials will help get me up to speed?

Emerging issues reports

While the dashboard gives a summarized perspective, users also have the option of reviewing a detailed report that captures the vulnerability status and specific characteristics of individual endpoints to aid further investigation and hunting.

Deploy action

The power of the Tanium platform is the end-to-end solution-based experience we deliver for the customer. In the first hours and days of a rapidly evolving threat situation when a patch is not available, the most important step is to reduce the attack surface. This is where Tanium can deliver. After viewing the dashboard, the user can easily pivot to an actionable workflow of deploying packages to mitigate the issue. Whether that is disabling the Print Spooler service for PrintNightmare or deleting volume shadow snapshots for HiveNightmare, using the same endpoint data from the report and dashboard, users can target the vulnerable endpoints with mitigation packages, completing the investigation to action workflow.

The combination of Tanium Feed to drive attention to critical cyber events, the emerging issues dashboards and reports to help you quickly assess your organization’s exposure, along with Tanium’s ability to deploy mitigations in real-time is a testament to the need for a converged endpoint management solution. With the Tanium XEM platform, that’s exactly what you get. You’ll get the visibility, insights and actionability needed to round trip any issue when the shortest time to resolution is mission-critical.

---

See how the Tanium XEM platform gives you the visibility, control, and remediation capabilities to defend against the largest attack surface in history. Request a demo today.