Remediate security incidents faster with live endpoint data
Post on 21-Jan-2018
How Tanium Works
ASK a question in plain English
KNOW what is happening on your endpoints at all times
ACT: take action by identifying the incident and then remediate
Deploy a Patch
In 15 Seconds
What are the computer names and running processes with MD5 hashes from all machines?
Kill a Process
Uninstall an Application
Google for IT Data
Quarantine Endpoint
The Tanium Architecture
• Patented communications architecture
• Single agent and infrastructure
• Response times measured in seconds
• Visibility and control on-premises and off
Tanium “Connect” Sources and Destinations
Connect Data Sources
• Action History
• Audit Log
• Event
• Question Log
• Reputation Service
• Saved Question
• Server Information
• System Status
Tanium Connect Destinations
• Reputation Services
• Email
• SIEMs
• Syslog
• Databases
• File (json, txt, csv)
• HTTP for REST API
• Reputation Service
• Socket Receiver
Three Example Use Cases…
• Monitor and alert on system status thresholds
• Monitor and alert on new account creation activity
• Monitor and alert on malicious processes
• There are many more use cases we can discuss after the presentation.