Tanium's fast-acting endpoint management tool grows up

A new version of the endpoint management tool will be able to handle enterprises with millions of clients

A tool for nearly real-time management of clients like desktops, laptops and Windows tablets is now set to take on massive organizations that have millions of endpoints.

Tanium is software that can examine and modify all such clients across an enterprise within 15 seconds, according to the company. It's already being used by customers with more than 500,000 endpoints, and the newly released Version 6.5 is designed to serve some of the world's largest organizations, especially in the public sector, Tanium says.

At the heart of Tanium's software is the ability to rapidly reach all endpoints throughout an organization, which can speed up both security and IT management tasks. Tanium makes this work by organizing endpoints into linear chains in which they communicate peer to peer.

It's more efficient than hierarchical systems that require servers to check in with multiple clients out at the edge of the network, said Joe Lea, senior director of product management. How Tanium organizes its linear chains of devices to deliver data as quickly as possible is part of the core technology that the company set out to create when it was founded in 2007.

The ability to rapidly poll and modify end systems can pay dividends in security, helping enterprises detect and eliminate threats without having to wade through lengthy investigations of all their clients, Tanium says. It can also make software updates easier by showing what version each system is running and then quickly apply updates or patches.

Tanium can give enterprises extra speed to help them keep up with attackers, according to Gartner analyst Lawrence Pingree.

"Getting data back from a wide array of different endpoints rapidly is very important, especially given the speed at which some attacks are perpetrated," Pingree said. Once malware gets into a network, it can spread and do damage quickly.

There are other endpoint security companies that advertise real-time monitoring and response, including CrowdStrike and Bit9. Tanium sets itself apart by also handling a broad range of endpoint management tasks such as software updates, Pingree said.

Tanium doesn't reach smartphones or most tablets. It's been compiled for Android but isn't designed to be a mobile device management platform, Lea said.

A way to understand what Tanium does is to look at its natural-language query feature, a Google Search-like interface for finding out about endpoints. An administrator can type, for example, "show all running processes" and get back a list of all the current processes on all the clients in the enterprise.

The results can show how many employees are using Outlook and how many are on Facebook, but more importantly, it can display which systems have outdated and vulnerable versions of software or are running processes associated with known malware. From there, Tanium lets managers take steps like killing processes, quarantining machines or applying patches.

Typing queries isn't the only way IT departments can track down security problems with Tanium. Among other things, they can use IOCs (indicators of compromise), which are collections of malware information compiled by security companies and other sources. Tanium's software already can read IOCs and use them as a basis for queries. Version 6.5 automates that process and builds it into the product so it's less work for enterprises to use it.

The latest update also integrates Tanium with some commonly used tools for monitoring and managing IT infrastructure. Enterprises can feed the product's real-time information into software that uses SIEM (security information and event management) and CMDB (configuration management database), as well as help desk systems, Tanium says.

The new version also gets a dedicated tool for managing software updates and licenses across an enterprise, with enhancements including more flexible scheduling for patches and better reporting, Lea said.

Tanium has been available for about two years but saw an upsurge in popularity last year, Lea said. The company says it's now in use in half of the Fortune 100 enterprises, including half of the world's top 10 banks. On Tuesday, it announced $52 million in new funding from venture firm Andreessen Horowitz.

Stephen Lawson covers mobile, storage and networking technologies for The IDG News Service. Follow Stephen on Twitter at @sdlawsonmedia. Stephen's e-mail address is stephen_lawson@idg.com

Join the CSO newsletter!

Error: Please check your email address.

Tags securityIT managementTanium

More about FacebookGartnerGoogleIDGLawsonNews

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Stephen Lawson

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place