Tanium Threat Response was developed to empower security teams to detect, investigate, and remediate incidents using a single platform. The Tanium platform eases the collaboration challenges faced by EDR and IT teams, providing an integrated view of the entire enterprise. Using the power of Tanium IOC Detect, Tanium Trace, and Tanium Incident Response, Tanium Threat Response offers enhanced features such as built-in threat intelligence and continuous monitoring for threats with real-time alerting.
When we speak with our customers about Endpoint Detection and Response (EDR), we hear most often about how they want to enable teams to collaborate across critical enterprise functions. Professionals working in the Security Operations Center (SOC), on the Incident Response (IR) team, and in IT Operations all want to be able to work together using integrated workflows. In today’s cybersecurity environment, it’s no longer feasible for each team to operate in a silo, using its own set of point tools without the ability to have an integrated view of the enterprise.
Our Product organization took these concerns to heart and answered the challenge by creating Tanium Threat Response. This new offering combines functions previously offered by Tanium IOC Detect, Tanium Trace, and Tanium Incident Response into a single offering that integrates workflows for detection, investigation, and response.
Tanium Threat Response introduces real-time alerting, allowing security teams to detect a broad range of attacks using custom or built-in intelligence from Tanium’s EDR team. Analysts can access a simplified feed of real-time alerts to triage and orchestrate appropriate follow-on actions. Incident responders can conduct deep-dive analyses on individual systems or hunt enterprise-wide. And Operations teams will be able to remediate incidents on one or more endpoints across the enterprise in seconds.
All of these capabilities include granular Role-Based Access Control (RBAC), which enables administrators to define and delegate responsibilities.
Tanium Threat Response also includes important enhancements to Tanium’s detection and alerting capabilities.
The new and enhanced detection mechanisms that will be offered in Tanium Threat Response in the coming weeks include:
Each of these detection mechanisms generates alerts within seconds. Alerts are sent to a new, proactive alerting dashboard, providing a unified interface into threats across your environment. Users have the ability to triage, investigate, and remediate any alert, all from a single pane of glass.
Tanium Threat Response offers integrated workflows so you can bring your critical cybersecurity teams together when it matters most. You’ll have continuous threat detection, real-time intelligent alerts, and new threat intelligence from Tanium’s EDR team. With Tanium, you are not limited in your ability to detect, scope, or remediate attacks, as you would be with a database-driven solution where the data is only as good as the last snapshot.
The best part? Unlike point tool competitors, Threat Response runs on Tanium’s Core Platform. Our single agent and back-end infrastructure can take you far beyond EDR, helping you accomplish a variety of critical IT and security functions, including IT asset visibility, compliance, unmanaged asset detection, file integrity monitoring, vulnerability management, and patching—all on a single platform.
To learn more about Threat Response, join us for the upcoming Investigating and Hunting webinar.
About the author: Joseph Lea is head of product management at Tanium, where his focus and passion is shaping new product modules and bringing them to market. Joe has held numerous technical and product positions as well as executive management roles during his career. He holds a PhD in Cognitive Science, which has informed his perspective on technology and led to 10 patents for user experience innovations. When he’s not busy at Tanium or spending time with family, he speaks about his experience competing in some of the world’s most grueling 100-mile mountain ultra-marathons, which, as it turns out, are not as different from his day job as you might expect.