How GoDaddy Accelerates Its Security And IR Teams

Jason White, Director of the Computer Security Incident Response Team (CSIRT) at GoDaddy, had a problem. His eight-person team was adept at identifying threats and compromises of their systems, but they were unable to scope incidents quickly with their existing endpoint security tools and couldn’t trust they had a complete picture from all of their endpoints.

As a mobile-first workforce where employees are provided laptops instead of desktops, GoDaddy had increased their risk of unwanted software entering their environment from home, affectionately called “Bring Your Own Malware.”

“What keeps me up at night is the thought of not finding an intrusion before it becomes data exfiltration,” said White.

How to decrease mean time to recover.

GoDaddy’s incident response team was adept at identifying threats and compromises in their system—but they were unable to scope incidents quickly with their existing endpoint security tools and couldn’t trust they had a complete picture from all of their endpoints. Since deploying Tanium, GoDaddy has dramatically decreased the mean time to recover from an incident by investigating alerts and affected endpoints remotely and in real-time.

The Tanium Solution

Instant visibility, enabling:

  • Reduced time to remediate IT outages
  • Faster reaction time to detect and remediate malware instances
  • Decreased the mean time to recover
  • Ability to investigate an endpoint remotely in real time
  • Overall increased IT administrative productivity
  • “Using Tanium, a team member asked ‘What machines are running Thunderbolt monitors?’ and got the answer back immediately. Leveraging Tanium, the team correlated the event of a specific monitor being plugged in with the network outage, which was the key data needed to isolate the issue with the display”

    Jason White, Director of the CSIRT, GoDaddy

    Phillips 66
    AstraZeneca
    Target
    HM GOV_BLK_AW
    Aon