1E Accelerates Software Security Patching With Tachyon Update

The EDR platform adds new capabilities to enable scheduled scanning and now has the ability to detect when an endpoint is no longer connecting.

1E Tachyon

Enterprise software life cycle automation management firm 1E is updating its Tachyon Endpoint Detection and Response (EDR) platform today with new capabilities to improve automated remediation.

1E has been in business since 1997, led by CEO Sumir Karayi, with a goal of helping to improve Windows PC and server management. In March 2017, 1E announced the initial public debut of its Tachyon EDR platform, which is now being expanded in a new update.

"In the past what we had done is a lot of work with Microsoft enhancing their SCCM [System Center Configuration Manager]," Karayi told eWEEK. "We found that a system like SCCM is really good at large-scale repetitive tasks, but not so good at responding to brand new threats. That's why we built Tachyon."

Karayi said Tachyon enables administrators to have real-time communication with endpoints and servers, to query about status and to identify potential risks. There is a central database at the core of Tachyon that Karayi referred to as a "transitory" database, where data is only kept for a short period of time. The system also provides agents on endpoints where small local databases are kept.

"We capture the meaningful things on systems," Karayi said.

Those meaningful items include common system actions such as new software installations as well as when a new web address is visited. The Tachyon agent is written in the C and C++ programming languages to enable compatibility across a variety of systems and for performance reasons. Karayi said that the Tachyon agent takes less than 10MB of memory on an endpoint.

"Effectively, we can make the agent increasingly intelligent over time," Karayi said. "It allows the central system to always have an open connection with the agent and send the agent only one packet of data per question."

With the new Tachyon update announced today, an operator can now schedule system queries. Additionally, the platform can now detect when an endpoint agent is not able to connect to the system and provide options for remediation. 1E is also aiming to encourage its community of users to extend Tachyon with product packs that provide scanning instructions for specific threats. Product packs can be uploaded by 1E customers to the new Tachyon Exchange and shared with others.

The market for EDR platforms is a competitive one with multiple vendors offering technologies and services. Karayi specifically sees EDR security vendor Tanium as one of his key competitors and is aiming to differentiate Tachyon against it with advanced performance and capabilities. Tanium recently announced a new $100 million funding round, bringing the company's valuation to $3.75 billion.

Looking forward, 1E is planning further enhancements to Tachyon, joining it with the company's software life cycle automation (SLA) features.

"When we join Tachyon to SLA we get some interesting new capabilities," Karayi said. "The really big thing they get is intelligence about all the software running in an environment and how it is being used."

The Tachyon platform in primarily deployed today as an on-premises service, though Karayi noted that 1E also has an Amazon Web Services (AWS) cloud option as well, with a Microsoft Azure version currently in development.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.