Tanium Announces Threat Response: A New Way to Ease the Pain of EDR Investigations

Emeryville, Calif., July 10, 2017 – Tanium, the company that redefined security and IT operations with the unparalleled speed and scale of its endpoint communications platform, announces Tanium Threat Response. Developed with input from our customers, Threat Response is designed to alleviate the pain of trying to perform successful incident response using disparate point tools.

Professionals working in the Security Operations Center (SOC), on the Incident Response (IR) team, and in IT Operations all want to be able to work together using integrated workflows. In today’s cybersecurity environment, it’s no longer feasible for each team to operate in a silo, using its own set of point tools without the ability to have an integrated view of the enterprise.

Tanium Threat Response is designed to allow security operations teams to easily detect a broad range of attacks with out-of-the-box intelligence and real-time alerting. Security Operations Analysts can easily triage alerts with an enriched investigation experience, and quickly orchestrate remediation actions using streamlined workflows. Incident Response teams can use the new functionality to scope and investigate threats thoroughly. And Operations teams will be able to remediate incidents on one or more endpoints across the enterprise in seconds.

All of these capabilities include granular Role-Based Access Control (RBAC), which enables administrators to define and delegate responsibilities.

Now, incident responders and investigators can access a simplified feed of real-time alerts, conduct deep-dive analyses on individual systems, and remediate—all in a seamless user experience with RBAC coordinating their scope of responsibilities.

Tanium Threat Response also includes important enhancements to Tanium’s detection and alerting on the endpoint.

The new detection mechanisms that will be offered in the coming weeks include:

  • Indicator of Compromise (IOC) detection is now automated on the endpoint, and can be performed even if the system is offline.
  • Reputation information from common third-party reputation sources, or internally developed blacklists and whitelists, can be continuously matched against executed processes or at-rest files to identify previously undetected malware.
  • Tanium will provide an out-of-the-box intelligence feed of “Signals.” Tanium Threat Response Signals monitor patterns of attack in real time and generate immediate alerts when malicious activity is detected.
  • Investigators will be able to apply common uses of Tanium sensors to detect suspicious endpoint activity, follow leads, and hunt for anomalies within current state, at rest, and historical evidence on the endpoint.

Each of these detection mechanisms generates alerts within seconds. Alerts are sent to a new, proactive alerting dashboard, providing a unified interface into threats across your environment. Users have the ability to triage, investigate, and remediate any alert, all from a single pane of glass.

Tanium Threat Response offers integrated workflows so you can bring your critical cybersecurity teams together when it matters most. You’ll have continuous threat detection, real-time intelligent alerts, and new threat intelligence from Tanium’s EDR team. With Tanium, you are not limited in your ability to detect, scope, or remediate attacks, as you would be with a database-driven solution where the data is only as good as the last snapshot.

The best part? Unlike point tool competitors, Threat Response runs on Tanium’s Core Platform. Our single agent and back-end infrastructure can take you far beyond EDR, helping you accomplish a variety of critical IT and security functions, including IT asset visibility, compliance, unmanaged asset detection, file integrity monitoring, vulnerability management, and patching—all on a single platform.

For more information, visit https://www.tanium.com/.


About Tanium

Tanium offers a unified endpoint management and security platform that is built for the world’s most demanding IT environments. Many of the world’s largest and most sophisticated organizations, including more than half of the Fortune 100, top retailers and financial institutions, and four branches of the US Armed Forces, rely on Tanium to make confident decisions, operate efficiently and effectively, and remain resilient against disruption. Tanium ranks 7th on the Forbes list of “Top 100 Private Companies in Cloud Computing” for 2019 and 10th on FORTUNE’s list of the “100 Best Medium Workplaces.” Visit us at www.tanium.com and follow us on LinkedIn and Twitter.


Tanium’s statements regarding its plans, directions and intent are subject to change or withdrawal without notice at Tanium’s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. Information about potential future products may not be incorporated into any contract. The information mentioned regarding potential future products is not a commitment, promise or legal obligation to deliver any material, code or functionality. The development, release and timing of any future features or functionality described for our products remains at our sole discretion.

Media Contacts

Brooke Hamilton
[email protected]
+44 7909 525099

Brands2Life, for Tanium
[email protected]
+1 (415) 610 7500