For Tanium’s technology and engineering team, Converge is an opportunity to showcase the past year’s new product and feature releases. More importantly, our annual customer event is a time to lay out a vision for the future. Converge 2023, which took place this past November, was no exception.
In his keynote address, Tanium Chief Technology Officer Matt Quinn highlighted the challenges faced by IT and security teams, including supply chain attacks, increased IT costs due to hybrid work, and the growing number of investigations that IT security and ops teams must perform.
To combat these rising challenges, Tanium has delivered new capabilities to a number of our products, such as Tanium Provision, Enforce, Investigate, Benchmark, and Tanium Software Bill of Materials (SBOM).
But by far, the talk of the show was Matt Quinn’s announcement of Autonomous Endpoint Management or AEM, which represents the next step in Tanium’s evolution as the leader in converged endpoint management.
What is Autonomous Endpoint Management?
Autonomous Endpoint Management, or AEM, is an emerging new market category and a next-generation approach in development for Tanium that will take advantage of composite AI to provide intelligent automation and decision-making capabilities for managing IT endpoints.
Since our inception, Tanium has been a principal driver in the evolution of endpoint management. From the first deployment of our unique single-agent, linear architecture endpoint management solution to our cloud-first Converged Endpoint Management (XEM) platform, Tanium has been at the forefront of providing visibility, control, and remediation of endpoint devices for many of the world’s most critical organizations.
AEM is a natural next step in the evolution of our Converged Endpoint Management platform, a labor-saving future that we are creating through autonomous and AI-assisted capabilities. Already, our XEM platform empowers users to automate certain routine tasks (e.g., automated configuration enforcement) and threat remediation (with Tanium Guardian), while the Tanium Digital Employee Experience solution saves users time by enabling employees to self-remediate many common issues.
AEM means leveraging real-time data and insights from the Tanium XEM platform to make recommendations and automate actions based on AI insights, peer success rates, and customer risk thresholds. It is also about giving IT operations and security teams more control over their endpoint management policies, not less. Rather than a black box, our approach to AEM will provide organizations with high-fidelity control and governance for all recommendations and automation. This is provided because there is no one-size-fits-all approach to automation and endpoint management.
Tanium’s autonomous future will enable organizations to set corporate policies, define governance rules and required authorizations, and make decisions about the level of autonomy they are comfortable with. They can choose to manually remediate issues or allow the system to automatically remediate them based on their preferences and requirements. “This approach lets organizations get familiar with the tech and build up trust,” says Gabe Knuth, senior analyst with ESG in his article about Tanium’s AEM launch.
The goal is to enable IT teams to make more informed and efficient decisions, reduce the burden of manual tasks, and ultimately improve security and operational posture to levels not achievable in the past. Rather than take control and decision-making away from practitioners, our model for Autonomous Endpoint Management leaves customers in the driver’s seat. “Autonomous Endpoint Management allows you to get ahead of routine IT and security issues,” says Matt Quinn, “but in a way that is always going to be safe, where you’re always going to be in control.”
Tanium’s model for Autonomous Endpoint Management will begin with capabilities such as smart actions (automation), an actions center (governance), and intelligent assistance (contextual search recommendations). “We want to work very closely with our customers as we build out the first steps toward Autonomous Endpoint Management,” says Quinn, “to make sure that AEM isn’t simply powerful, but that it’s also incredibly useful and makes a positive impact on our customers’ day-to-day.”
Autonomous Endpoint Management is currently in active development and is expected to be available beginning in the summer of 2024. To learn more about the autonomous future of Converged Endpoint Management, contact us for an in-person demonstration.
Other new features and capabilities highlighted at Converge 2023
Beyond Autonomous Endpoint Management, Matt Quinn called out a partial list of recent and upcoming product and feature releases that further expand and enhance the Tanium XEM platform.
Tanium Automate is a new capability being developed by Tanium that aims to automate repetitive tasks in IT and security operations. It provides a simple and intuitive workflow for automating tasks such as provisioning systems, screen sharing, defining security policies, and more. Tanium Automate allows users to create and schedule automated actions, link different steps together, and iterate on playbooks or runbooks. It is designed to improve efficiency, reduce manual effort, and increase productivity in IT and security operations. Tanium Automate is currently in private preview and is expected to be available to all users in mid-2024.
Tanium Provision is a capability that provides a modern and simplified workflow for bare metal provisioning of Windows and Linux systems. It allows for the deployment of new operating systems without a massive management overhead, facilitating deployments whether local or remote, on network or off. It uses a unique approach compared to traditional PXE-based server deployments and offers complete deployment and image redeployment management.
Tanium Enforce is a solution that allows you to define security user and CSP policies for on-premises, remote, domain-joined, and non-domain-joined systems. It ensures that your devices are secured no matter where they are or what domain they’re part of. Enforce also provides the ability to define simple or granular rule sets to allow or deny access to USB storage-based devices. In addition, Enforce also supports policy management through MDM where required for macOS devices.
Tanium Performance is a module within the Digital Employee Experience (DEX) solution that provides visibility into endpoints and allows monitoring of system events and performance data. The goal of Tanium Performance is to improve the digital employee experience by reducing help desk expenses, identifying hardware issues earlier, reducing user interruptions, and increasing employee sentiment. Features new to Performance include the ability to monitor different types of system events and network telemetry, such as wireless signal strength and network latency. It also allows users to define and monitor their own applications, track crashes, disk I/O, and more.
Tanium Investigate released this summer provides a means to resolve security and operations incidents on your endpoints more quickly. It allows teams to remotely manage endpoints and provides a single pane of glass to curate personalized views of performance data as well as operational and security events. It integrates with ServiceNow for collaboration and case management and enables the export of comments to ServiceNow incidents. Tanium Investigate aims to reduce the amount of time needed to resolve incidents and enhance the effectiveness of security teams.
Tanium Benchmark is a new capability that allows customers to benchmark their own performance against their peers for enterprise risk, compliance, security, and endpoint operational metrics. It provides reports that use the data already used daily, allowing leadership and boards of directors to leverage this information. Benchmark is continually updated, allowing customers to measure their performance against goals in real time.
Tanium Software Bill of Materials (SBOM)
Software supply chain attacks have become more common in the last 12 months. These attacks involve threat actors adding malicious code or backdoors to software packages via commonly used open-source code. It’s not just the application itself that can be compromised, but also the open-source libraries it depends on. To address this issue, Tanium software bill of materials (SBOM) allows organizations to identify and remediate vulnerabilities in their software supply chain, including both direct and transient dependencies.
The Tanium Gateway allows for integrations outside of the Tanium platform. It enables the extension of functionality within Tanium itself and provides secure access to Tanium’s APIs. The Gateway follows an API-first approach to development, allowing for the integration of different types of APIs, including RESTful interfaces and GraphQL. The goal is to achieve complete coverage for all APIs across all modules, including the platform, by the end of 2024. The Tanium Gateway is used to power new solutions and is being utilized in collaborations with partners like Microsoft for innovative proof-of-concept integrations.
To learn more about the autonomous future of Converged Endpoint Management, contact us for an in-person demonstration.