Root Cause Collaboration with Tanium Investigate - Tanium Tech Talks #125

Explore the latest enhancements to Tanium's Investigate module to discover how new features are helping IT and security teams resolve incidents faster.

Module Deep Dive

In this episode of Tanium Tech Talks, host Ashley McGlone welcomes back Josh Bryant, director of product management at Tanium, to dive deep into the evolution of the Investigate module.

Since its initial introduction in episode 73, Investigate has undergone significant improvements, including performance enhancements and new capabilities like remote registry and event log browsing. Josh shares insights into how these updates help teams reduce mean time to resolution (MTTR) for both operational and security incidents.

If you’re looking to streamline your incident response and gain unparalleled visibility into endpoint activity, this episode is a must-watch. From real-time file tailing to cross-platform registry access, see how Investigate is transforming the way teams troubleshoot and secure their environments.

Key takeaways

  • Investigate empowers teams to quickly pinpoint root causes of incidents by correlating data across modules and endpoints.
  • "We designed this module to help customers reduce their mean time to resolution." (Tanium Director of Product Management Josh Bryant)
  • Investigate supports Windows, Mac, and Linux endpoints, enabling consistent visibility and control across platforms.
  • New features include remote browsing of Windows event logs and registries, live file tailing, and enhanced timeline views.
  • Josh shared a story about a customer who had been troubleshooting an endpoint issue for over a week. After using Investigate, they pinpointed the root cause within 30 minutes using the timeline view and resolved the issue in under an hour—demonstrating the real-world impact of the module.
  • Users can annotate investigations, link them to ServiceNow tickets, and collaborate across teams with shared timelines.
  • The module now integrates data from multiple Tanium modules including Patch, Deploy, Threat Response, Enforce, Comply, and Performance.
  • Investigate enables real-time visibility into endpoints regardless of location.
  • "Now because of the way our platform works, I’m able to establish a connection to that endpoint no matter where it exists and get a live view of that data." (Tanium Director of Product Management Josh Bryant)
  • Future enhancements include advanced filtering, search capabilities, and investigation presets.

Ashley McGlone

Technology strategist, joined Tanium in 2017, host of Tanium Tech Talks, enjoys advocating for customers, getting in the weeds of tech, and retro licorice.
