Endpoint risks are constantly evolving — and so is Tanium.
We built these products and extended our platform’s core capabilities to empowering IT operations and security teams with enhanced efficiency, invaluable insights, and simplified workflows, all aimed at tackling the ever-increasing complexity of modern technology environments.
Read on, to explore:
- How SBOM for Comply can show you every instance of software-based vulnerabilities — like Log4J or SolarWinds — across your entire environment
- How our expanded ARM support lets you manage and secure additional ARM endpoints alongside your Intel endpoints from one console
- How updates to our Risk & Compliance solution better support virtual computers, increase the usability of Benchmark metrics, streamline compliance workflows, and more
SBOM for Comply: Protect Yourself from Software Supply Chain Attacks
The SolarWinds hack of 2020 made one thing clear — software supply chain attacks are one of this era’s biggest threats, and they are only growing. Consider that:
- Cybercriminals are increasing their software supply chain attacks. Between January to October 2022, the open-source repository npm found 7,000 malicious package uploads, a ~100x increase from 75 uploads in 2020.
- Most applications now use vulnerable open-source libraries. According to Tidelift, 92% of applications now contain open-source libraries that may contain hidden and exploitable vulnerabilities similar to Log4j or OpenSSL.
- Regulation is coming for software supply chains. Note how software supply chain security was front-and-center in the May 2021 Executive Order on Improving the Nation’s Cybersecurity (written in response to SolarWinds).
Given these points, it’s no wonder Gartner expects that, by 2025, 45% of global organizations will have experienced a software supply chain attack — up 3x from 2021.
We built our new SBOM for Comply product to help you spot and stop these attacks.
SBOM for Comply gives you comprehensive visibility into your software supply chain. It shows you all of the applications in your environment, and every open-source library they use. When a supply chain vulnerability is discovered, you can use SBOM for Comply to quickly find every instance of that vulnerability in your environment and seamlessly pivot to remediation actions like updating libraries or closing off impacted endpoints.
With Tanium, you can identify these vulnerabilities during run-time – no need to close in-use applications while scanning endpoints – and close those vulnerabilities remotely at speed and scale across environments of any size. The result? You can rapidly see your exposure to new supply chain attacks and close those vulnerabilities ASAP.
With SBOM for Comply, you will gain:
- Improved Security: Identify software supply chain vulnerabilities, manage their risk, and minimize the chance of a breach.
- Faster Response: Quickly find and fix vulnerabilities in the run-time instances of your applications and respond faster to supply chain security threats — including zero-days and other emerging threats.
- Better Risk Management: Prioritize which vulnerabilities to address based on their risk level and see which vulnerabilities require immediate attention.
- Regulatory Compliance: Maintain a required level of security for your software applications, and easily review and demonstrate that compliance.
- Cost Savings: Avoid suffering from costly supply chain attacks and replace a patchwork of supply chain security point solutions with one unified platform.
Expanded ARM support: Grow your ARM footprint without worry
ARM processors are quickly becoming more widespread across the endpoint landscape. Organizations expanded their ARM footprint by 3x in just two years, and with good reason. Endpoints with ARM processors are efficient to run and can lower data center and cloud costs by up to 40%.
To help you take control over your growing host of ARM endpoints — and to accelerate their adoption without security or operational risk — we’re expanding Tanium’s core capabilities to provide visibility and control over even more ARM-powered assets.
This is not a new product or feature, exactly. Instead, we’ve been baking ARM support across our entire XEM platform. You will be able to leverage Tanium’s comprehensive visibility and management capabilities for ARM endpoints and manage and secure them alongside your other endpoints — all from one platform, agent, and console.
With Tanium’s expanded ARM support, you will:
- Continue to use one platform for endpoint visibility and management as you onboard endpoints with supported ARM processors
- Manage ARM endpoints you plan to adopt during your next large asset refresh cycle
- Manage ARM servers in both data centers and the cloud from a single platform
- Enjoy the efficiencies and cost savings of large-scale ARM endpoint adoption without increased security or operational risk
New functionality for Tanium’s Risk & Compliance solution
Tanium’s Risk & Compliance solution provides a real-time view of the risk posture across your IT environment, along with tools that enable you to manage that exposure proactively in a data-driven and continuous way.
Risk & Compliance provides a continuous risk score of your environment based on multiple risk vectors over time – as well as risk by operating system, vulnerability count, and other key metrics.
We’ve released updates to our Risk & Compliance solution that will better support virtual computers, increase the usability of Benchmark metrics, streamline compliance workflows, and more.
Increased visibility and control of virtual machines
Our June 2023 release increases support for your virtual machines. This update will improve efficiency by allowing security teams to view and manage all virtual servers and hypervisors within VMWare’s Server Management Center (vCenter). Additionally, teams can perform risk assessments on all ESX and ESXi hypervisors managed by the vCenter, giving them a single point of reference rather than many.
With Tanium’s Risk & Compliance solution, you can now:
- View all virtual servers and hypervisors via the vCenter
- Perform compliance and vulnerability assessments of ESX and ESXi hypervisors via vCenter APIs
- More securely and efficiently execute remote authenticated scans of ESXi hypervisors
Leverage the CISA KEV catalog from within your Tanium console
The Cybersecurity and Infrastructure Security Agency (CISA) Known Exploits and Vulnerabilities (KEV) catalog is an invaluable resource for security teams. This public database of known and exploited security flaws and weaknesses is used by organizations to locate and remediate known vulnerabilities in their environments.
However, researching the CISA KEV can take time, which is why Tanium is making it easier for teams to leverage this database without leaving the Tanium console and breaking their flow. Security teams can now access CISA KEV from within Tanium Comply’s findings and reporting dashboards. With this up-to-date data in hand, your organization will be able to:
- Prioritize the most dangerous and active exploits based on the latest CISA KEV data
- Save time and reduce errors by eliminating manual research and matching of known exploitable vulnerabilities
- Instantly prioritize high-risk CVEs, decreasing your time to respond and providing greater security
Tanium Benchmark provides real-time comparisons of your risk metrics to those of your industry peers. Originally designed to deliver comparisons along more than 20 different metrics, the June 2023 release expands Benchmark’s scope to include more core metrics and includes additional new functionality for an even more comprehensive view of your organization’s risk posture.
- Improvements to Tanium’s single, accurate and impact-based dashboard of risks
- New Benchmark health page allows the customer to quickly visualize if their metrics are performing the way they should be. See health status of each Benchmark metric
- Additional metrics from Core modules, giving all Tanium customers immediate value from Benchmark
Exception Management for Comply
Comply is Tanium’s modern vulnerability management module and a key part of our Risk & Compliance solution. With Comply, organizations can continuously scan their endpoints for vulnerabilities, misconfigurations, and incidents of noncompliance with internal standards or external regulations. With this real-time data, organizations can prioritize the problems they find, drive remediation, and validate whether they’ve addressed their risks.
With the June 2023 release, Comply users can now leverage our new exception management features, giving them the ability to more granularly control their IT environments. IT ops and security teams will be able to:
- Create exceptions for Compliance and Vulnerability findings and log accompanying reasons and expiration dates
- Keep excepted findings hidden by default.
- More easily create findings in Comply based on the data that is most important to secure your IT environment
More products, more supported assets: less endpoint risk
All three of these products fold into our Converged Endpoint Management (XEM) platform, and give you a single, unified solution to manage and secure every workflow and endpoint in your environment. They provide practical tools to solve more of today’s biggest endpoint challenges and demonstrate our commitment to offering all the visibility and control you need from just one platform.
In sum: With SBOM Comply, expanded ARM support, and a more robust Risk & Compliance solution, you can manage and secure more of your endpoints, in more ways, than ever before — quickly, easily, and at any scale — and mitigate today’s emerging risks.