Skip to content

Threat Response 3.3 Delivers Security From the Desktop to the Server

Tanium’s latest release makes endpoint security easier, more flexible and more effective

Tech Insights

Securing endpoints can be complex. Threat actors attempt to stay one step ahead of your cybersecurity measures, solutions and awareness. And as you add endpoints, complexity can grow with both volume and diversity.

The volume of endpoints is simple enough. Endpoint devices increase as more and more team members need to connect, work from anywhere, and be more productive.

Endpoint diversity is more complex. Different types of devices — whether laptops, desktops, servers, and others — create new opportunities for threats to penetrate your defenses. As different operating systems and environments are layered across the entire infrastructure, each device type brings its own unique vulnerabilities.

Threat Response 3.3: Linux eBPF modernization

To help organizations further secure their Linux endpoints, Tanium’s Threat Response 3.3 is now available. This release enhances existing coverage of Linux systems. It provides greater visibility into threats on many types of endpoints, expanding coverage over various operating environments, and empowering threat hunters to respond rapidly to attacks and limit their costly consequences.

With Threat Response 3.3, Tanium introduces extended Berkeley Packet Filter (eBPF) support on Linux. This technology lets organizations run sandboxed programs in the Linux kernel without changing the kernel source code or loading a kernel module. With its new eBPF support, Threat Response now gives you visibility from desktop to server, covering a wide range of operating systems, on the tech stack that is the future of event visibility.

Threat Response 3.3 ensures that you have the rapid responsiveness needed to remediate threats across endpoints at scale, cutting remediation times from long days or weeks to mere minutes.

Screenshot: Threat Response can now support the extended Berkeley Packet Filter or eBPF, providing a protected way to use the Linux kernel

Threat Response can now support the extended Berkeley Packet Filter or eBPF, providing a protected way to use the Linux kernel

RBAC has your back

The addition of eBPF support is just Tanium’s latest user-friendly technological advancement in Threat Response. With the earlier Threat Response 3.2.67 release, Tanium extended Role-Based Access Controls (RBAC) capabilities to Alerts, Saved Evidence, and Snapshots. This lets customers create User Personas while also limiting the visibility of Alerts, Saved Evidence, and Snapshots by Management Rights Group.

RBAC also lets administrators customize user visibility, giving organizations the flexibility to adapt to their specific needs.

By continually advancing Threat Response, Tanium builds on the most rapid and robust incident response and remediation solution available for enterprise organizations. The new Threat Response 3.3 helps keep your organization safe and secure, no matter how many endpoints or types of operating environments you run.

Learn more about Tanium Threat Response 3.3 and schedule a demo to see it in action.

Tanium Subscription Center

Get Tanium digests straight to your inbox, including the latest thought leadership, industry news and best practices for IT security and operations.