Remediate security incidents faster with live endpoint data
TRANSCRIPT
How Tanium Works
ASK: a question in plain English
KNOW: what is happening on your endpoints at all times
ACT: take action by identifying the incident and then remediate
Deploy a Patch
In 15 Seconds
What are the computer names and running processes with MD5 hashes from all machines?
Kill a Process
Uninstall an Application
Google for IT Data
Quarantine Endpoint
The Tanium Architecture
• Patented communications architecture
• Single agent and infrastructure
• Response times measured in seconds
• Visibility and control on-premises and off
Tanium “Connect” Sources and Destinations
Connect Data Sources
• Action History
• Audit Log
• Event
• Question Log
• Reputation Service
• Saved Question
• Server Information
• System Status
Tanium Connect Destinations
• Reputation Services
• Email
• SIEMs
• Syslog
• Databases
• File (json, txt, csv)
• HTTP for REST API
• Reputation Service
• Socket Receiver
Three Example Use Cases…
• Monitor and alert on system status thresholds
• Monitor and alert on new account creation activity
• Monitor and alert on malicious processes
• There are many more use cases we can discuss after the presentation.