Tanium Product Modules

Eliminate Siloed Point Tools to Reduce Cost and Complexity

Product modules provide purpose-built extensions geared for specific IT security and management problems with the speed, simplicity, and scalability that is uniquely Tanium.

Tanium Comply

Tanium Comply improves security hygiene and regulatory compliance by transforming security configuration checks and vulnerability scanning from a labor-intensive, unreliable activity that takes weeks to get enterprise-wide results to one that can be performed on-demand.

Module Features
  • Checks systems against standards-based security benchmarks and vulnerability checks with complete results in minutes – even in very large endpoint networks
  • Integrated as part of the Tanium platform for configuration management visibility, vulnerability assessment, remediation, system patching, and endpoint security
  • Helps fulfill the system configuration hardening and vulnerability scanning portions of industry regulatory requirements
  • Supports corporate mandates around proactive security across desktops, laptops, and servers

Tanium Discover

Tanium Discover quickly finds unmanaged assets within the enterprise environment, even across the largest global networks, and allows security and IT teams to directly take actions necessary to review, secure and gain control of these assets.

Module Features

Efficiently scans for unmanaged assets at scale with almost no impact on the network.

Provides a rich set of information for the assets it locates, including the hostname, MAC and IP addresses, device manufacturer, operating systems, open ports / applications and even historical information like the first and last time the asset was seen on the network.

Offers flexible scanning choices depending on the type of environment or information required.

Take immediate action on discovered rogue corporate assets, such as sending block requests to Palo Alto Networks next-generation firewalls, deploying the Tanium agent to quickly bring them under management, notifying that an asset has been lost, or tagging them to support advanced workflows and custom needs.

Tanium Integrity Monitor

Tanium Integrity Monitor simplifies regulatory compliance and makes file integrity monitoring more effective enterprise-wide.

Module Features
  • Enables continuous monitoring of critical operating system, application, and log files at enterprise scale
  • Integrated as part of the Tanium platform, it offers the ability to link file integrity monitoring with active alert investigation, configuration compliance, and vulnerability scanning, as well as many other aspects of endpoint management and security
  • Supports automatic whitelisting for better alerting and integration with existing incident management workflows such as SIEM or change management
  • Enables granular reporting to satisfy regulatory requirements such as PCI-DSS and CIS Critical Control #3

Tanium Patch

Tanium Patch enables IT professionals to customize patch workflows with up-to-the-second endpoint visibility and control with just a single server regardless of network scale.

Module Features

Delivers Windows OS patching capabilities with groundbreaking speed and reliability without requiring ongoing infrastructure additions, even as the network grows over time.

Provides patch administrators the flexibility to define custom workflows and schedule patches based on advanced rules or exceptions built around whitelists, blacklists, dynamic groups and patch lists.

Generates patch reports and returns current results from every endpoint of interest across the enterprise environment.

Tanium Protect

Tanium Protect delivers policies and actions to manage native operating-system protections at enterprise-scale – thus reducing the cost and complexity of endpoint security. Combined with Tanium IOC Detect, Protect empowers customers to seamlessly move from investigating their environment to taking proactive action to protect against threats.

Module Features

Create policies to block malicious network connections or software: block network connections using Windows Firewall, and block known bad / malicious or prohibited software (i.e. blacklist) using Windows Software Restriction Policy (SRP).

Manage health for Microsoft anti-malware products (Forefront, Defender, SCEP) and EMET to detect and block exploitation techniques that are commonly used to attack memory corruption vulnerabilities.

Integrated workflow to detect (IOC Detect) and then block an in-process attack on every endpoint in seconds.

Tanium Threat Response

Tanium Threat Response delivers a broad set of capabilities to hunt, detect, investigate, contain, and remediate threats and vulnerabilities with unparalleled speed and scalability. Incident response teams can take an initial lead, quickly search, filter and visualize forensic data, and piece together the story of what happened on a single endpoint. They can then pivot to fully scope any incident across the enterprise. Threat response actions can be done in a single console through a single endpoint agent, eliminating security silos and supporting integrated workflows that promote teamwork and speed.

Module Features

Detect threats immediately: continuously monitor endpoints for threats, whether endpoints are online or offline, including complex indicators that implement Boolean logic, and against both current-state endpoint activity and historical data. Real-time alerting gives security teams immediate notice of anomalies so they can be investigated. Alerts can be graphed by type or computer name and filtered for easy management.

Investigate thoroughly: record endpoint activities such as file system, process, network connections, registry and security events through kernel-level monitoring, and pivot from single-endpoint investigations to enterprise-wide searches, or vice versa, using context-sensitive links. Enterprise hunting capability allows incident responders to run searches directly from the investigation workbench, saving response time.

Remediate incidents on one or more endpoints across the enterprise in seconds: kill malicious processes, capture files, alert users, deploy patches, repair registry keys, apply configuration updates, uninstall applications, close unauthorized connections, reset user credentials, and more.

Integrated workflows: perform detection, response, and remediation actions with a single solution, supported by role-based access control to give the right people the right level of power to do their jobs.