
Remediate Security Incidents Faster With Live Endpoint Data



Learn how ServiceNow partner, Tanium, helps you resolve security threats quickly using live endpoint data.

Published in: Technology

  1. Remediate Security Incidents Faster With Live Endpoint Data
  2. How Tanium Works • ASK a question in plain English • KNOW what is happening on your endpoints at all times • ACT: take action by identifying the incident and then remediate • In 15 Seconds • What are the computer names and running processes with MD5 hashes from all machines? • Deploy a Patch • Kill a Process • Uninstall an Application • Quarantine Endpoint • Google for IT Data
  3. The Tanium Architecture • Patented communications architecture • Single agent and infrastructure • Response times measured in seconds • Visibility and control on-premises and off
  4. Tanium “Connect” Sources and Destinations: Connect Data Sources, Tanium Connect Destinations • Action History • Audit Log • Event • Question Log • Reputation Services • Email • SIEMs • Syslog • Databases • File (json, txt, csv) • HTTP for REST API • Reputation Service • Socket Receiver • Reputation Service • Saved Question • Server Information • System Status
  5. Three Example Use Cases… • Monitor and alert on system status thresholds • Monitor and alert on new account creation activity • Monitor and alert on malicious processes • There are many more use cases we can discuss after the presentation.
  6. Automating Ticket Creation – CPU Utilization?
  7. Automating Ticket Creation – Local Admin Account?
  8. ServiceNow workflows can automatically call Tanium
  11. Thank You! For more information, stop at booth #1108