Tanium Platform Advances Threat Identification Capabilities and Enhances Endpoint Reach
June 2023 by Marc Jacob
Tanium released major enhancements to the Tanium Software Bill of Materials (SBOM) that now include Common Vulnerability and Exposures (CVE) information. Tanium’s SBOM identifies software components on endpoints, including open-source software embedded in libraries within native and third-party software, enabling organizations to prioritize and remediate software supply chain risks with unmatched speed and scale. In addition to several new Risk & Compliance features, Tanium also announced the expansion of support for ARM-Based endpoints to help IT teams minimize blind spots and drastically reduce the need for separate endpoint tools.
Software supply chain attacks continue to spike due in part to the increasing reliance of organizations on numerous third-party suppliers and service providers. To keep a firm pulse on the threats facing today’s most vulnerable and highly targeted organizations, Tanium has added SBOM to its Vulnerability Management solution to find, prioritize, and remediate emerging and zero-day vulnerabilities in the software components of applications, including open-source software embedded within application libraries, across all endpoints.
In addition to confronting threats introduced by reliance on open-source software, today’s organizations also grapple with continually evolving processor architecture. In fact, the use of ARM-based servers grew sevenfold between 2019 and 2022 and ARM-based computers are expected to make up thirty percent of all personal computers by 2026. In 2022, Tanium rolled out support for endpoints running ARM-based processors from Apple and Amazon. With an eye towards futureproofing, Tanium has expanded its support to additional ARM-based endpoints running Oracle Linux, RedHat, and Windows 11.
Today’s announcement also coincides with a host of new Risk & Compliance enhancements that will amplify the efficiency and efficacy of vulnerability and risk management programs, while also reducing the need for disparate point solutions. These include:
• ESXi Support: New compliance and vulnerability assessments of ESX and ESXi hypervisors via vCenter APIs empower security teams to view and perform risk assessments on all virtual servers efficiently
• CISA Known Exploits and Vulnerabilities (KEV): Tanium’s vulnerability assessments now include CISA KEV information on the most dangerous and active exploits, eliminating the need for manual analysis, instantly prioritizing high-risk CVEs for remediation with its integrated remediation options.
• Exception Management: Tanium’s Risk and Compliance solution offers the ability to create exceptions for compliance and vulnerability findings with valid reason or expiration date, enabling organizations to focus on areas that need immediate attention.
• Benchmark Enhancements: A new page within Tanium Benchmark allows customers to quickly visualize the health of their key operations and security metrics.