Today we are pleased to announce the general availability of Tanium Discover version 3.1, which includes the ability to discover endpoints deployed in the Amazon Web Services (AWS) cloud.
Tanium Discover scans networks to find hidden, unmanaged assets even across large, distributed global networks with hundreds of thousands of endpoints. Administrators can choose to block the devices or bring them under management to help ensure all devices connected to the network are accounted for and under control.
Tanium Discover’s AWS discovery leverages a new scanning feature we developed called Centralized Scan Profiles.
With a centralized scan, you can discover endpoints in a network where there are no Tanium Clients deployed. In the case of AWS scanning, Discover doesn’t actually do a network scan, so there’s no extra network traffic generated and no impact on local networks. Instead, Discover will access the AWS API and query information about the EC2 instances deployed in each specified region. This discovery will also find EC2 instances that have been stopped or are otherwise not active on the network.
Discover will retrieve a number of metadata values about each found instance, including the IP address, MAC address, region, size, operating system, owner, tags, and state. These values can then be used to create unique Labels so you can group your cloud instances by account, region, type, etc.
The release of Discover 3.1 is yet another development of our endpoint and security management platform that allows organizations to achieve transformational risk reduction by identifying, measuring, prioritizing and executing actions on all manageable endpoints in your environment, no matter where they exist; in the cloud, on-premises, anywhere.
To learn more about the new Discover features: