Tanium’s Latest Platform Overhauls Threat Detection and Expands Endpoint Access

Tanium Enhances Software Bill of Materials (SBOM) with Common Vulnerability and Exposures (CVE) Information

Addressing Software Supply Chain Risks

Tanium, the industry’s leading provider of converged endpoint management (XEM), has announced major enhancements to its Software Bill of Materials (SBOM). The SBOM now includes detailed information about Common Vulnerability and Exposures (CVE), allowing organizations to identify and remediate software supply chain risks more effectively.

The SBOM is a critical tool that helps organizations identify software components on endpoints, including open-source software embedded in libraries within native and third-party software. With the growing reliance on multiple third-party suppliers and service providers, software supply chain attacks have been on the rise. These attacks exploit hidden vulnerabilities within open-source libraries, such as Log4j, OpenSSL, or Struts, that are often found in more than ninety-two percent of applications.

The addition of CVE information to the SBOM enables organizations to prioritize and remediate emerging vulnerabilities, including zero-day exploits, in the software components of their applications. By providing visibility into potential risks, Tanium empowers DevOps and SecOps teams to mitigate these risks across development, staging, and production environments.

Philosophical Discussion: Balancing Convenience and Security

The increasing reliance on open-source software and the growing number of software supply chain attacks highlight a fundamental tension in today’s digital landscape. On one hand, open-source software provides flexibility, accessibility, and collaborative development. On the other hand, it introduces potential vulnerabilities that can be exploited by attackers.

This trade-off is not unique to software development but extends to other areas of our interconnected world as well. The convenience that comes with interconnectedness often comes at the cost of security. As organizations strive for digital transformation and seamless operations, they must carefully navigate this delicate balance between convenience and security.

Expanding Support for ARM-Based Endpoints

In addition to addressing software supply chain risks, Tanium has also announced the expansion of its support for ARM-Based endpoints. The use of ARM-based servers has grown significantly in recent years and is projected to continue expanding, making up thirty percent of all personal computers by 2026.

Tanium‘s support for ARM-Based endpoints helps IT teams minimize blind spots and reduce the need for separate endpoint tools. ARM-based processors offer better performance and lower energy usage compared to traditional x86-based processors. Recognizing this trend, Tanium has expanded its support to include ARM-based endpoints running Oracle Linux, RedHat, and Windows 11.

This expansion is crucial for future-proofing organizations as they embrace evolving processor architectures and seek unified platforms to manage their endpoints effectively.

Risk & Compliance Enhancements

In addition to the SBOM enhancements and support for ARM-based endpoints, Tanium has introduced several new Risk & Compliance features to amplify the efficiency and efficacy of vulnerability and risk management programs. These enhancements reduce the need for disparate point solutions and enable organizations to streamline their security operations.

The new features include:

1. ESXi Support: Tanium now offers compliance and vulnerability assessments of ESX and ESXi hypervisors via vCenter APIs. This empowers security teams to perform risk assessments on all virtual servers efficiently.

2. CISA Known Exploits and Vulnerabilities (KEV): Tanium‘s vulnerability assessments now include CISA KEV information on the most dangerous and active exploits. This eliminates the need for manual analysis and instantly prioritizes high-risk CVEs for remediation.

3. Exception Management: Tanium‘s Risk and Compliance solution allows organizations to create exceptions for compliance and vulnerability findings with valid reasons or expiration dates. This ability to focus only on areas that need immediate attention streamlines the remediation process.

4. Benchmark Enhancements: Tanium Benchmark introduces a new page that enables customers to visualize the health of key operations and security metrics quickly.

These Risk & Compliance enhancements offer organizations enhanced visibility, control, and remediation capabilities at scale and in real-time. In an era of rapid digital transformation, these features are crucial for mitigating the evolving risks posed by cyber threats.

Guiding Organizations through the Cybersecurity Landscape

The announcements made by Tanium reflect the ongoing challenges organizations face in cybersecurity. With the increasing complexity of software supply chains and the adoption of new processor architectures, staying ahead of emerging threats requires a comprehensive and unified approach to endpoint management.

Organizations must prioritize robust vulnerability management strategies that include proactive identification, monitoring, and remediation of software supply chain vulnerabilities. The integration of CVE information into Tanium‘s SBOM is a step in the right direction, helping organizations address the hidden risks within their software components effectively.

Furthermore, the expansion of support for ARM-based endpoints highlights the need to anticipate and adapt to evolving technology trends. By embracing unified platforms like Tanium, organizations can gain comprehensive endpoint visibility and control, mitigating risks not just from current cyber threats but also those that may arise in the future.

In conclusion, as organizations grapple with cybersecurity challenges, they must strike a balance between convenience and security. The convenience offered by interconnected systems and open-source software should not come at the expense of robust security measures. With the right tools and strategies in place, organizations can effectively navigate the ever-changing cybersecurity landscape and protect themselves from emerging threats.