Security vendor Tanium first achieved some measure of notoriety in June 2014, when it announced a $90 million investment was made in the company. Tanium has gone on to raise additional funding since then, as the company grows its platform, which is all about helping organizations rapidly identify, detect and analyze what is running in an IT infrastructure.
The Tanium Endpoint Platform is a modular piece of technology, with new modules regularly being added that provide specific areas of focus. The newest module is “Comply,” which helps organizations with various compliance regulations.
Comply is the ninth module available that runs on the Tanium Endpoint Platform, according to Joe Lea, senior director of product management at Tanium. Other Tanium modules include ones for patch management, forensics and incident response.
“We have been working on compliance for a while, starting with some work we had been doing with the federal government,” Lea said.
Tanium’s platform promises rapid visibility that reduces the time to action for an IT organization. There are multiple compliance regimens that Tanium’s Comply module can help with, including the Payment Card Industry Data Security Standard (PCI DSS). That said, Lea noted that Tanium doesn’t replace the need for a security information and event management (SIEM) tool that is a requirement for PCI DDS compliance. The Comply module is competitive with security configuration management tools such as IBM’s BigFix, he said.
Tanium founder Orion Hindawi co-founded, along with his father David Hindawi, BigFix in 1997, which IBM acquired in 2010.
The Tanium Endpoint Platform helps organizations understand their security posture, and even a security company like Tanium could well have devices or systems that are out of compliance. In fact, Tanium is among the many users of its own platform.
“The great thing is that if something isn’t right, we know about it,” said Chief Security Officer Dave Damato, whose responsibilities include helping with product direction as well as managing the company’s own internal IT and security. “We have some really great metrics, like mean time to patch.”
The mean time to patch metric measures how long it takes to patch applications and operating systems in an organization. In addition, Damato said that if a system within Tanium’s infrastructure is found to be operating outside of the company’s guidelines, mitigating controls can be put in place.
Damato said Tanium is not subject to any specific compliance requirements. That said, Tanium uses the Center for Internet Security (CIS) benchmarks as a way to track configuration drift over time, he said.
“So I can track whether systems are in line with the control baseline that we have established across our organization,” Damato said.
Over time, if Tanium is required to meet a compliance specification, Damato said he’ll be ready to audit Tanium’s own compliance with the Comply module.
While the Comply module is the newest addition to Tanium’s platform, one of the most successful modules is the company’s Incident Response capability. Tanium also has a forensics module called Trace that can help track down the root cause of a security incident.
Prior to joining Tanium in 2015, Damato worked as a managing director at Mandiant, now a FireEye company, leading professional services including helping with incident response.
“In my industry in the past performing investigations, one thing that we constantly saw is that the amount of damage and cost associated with a breach was directly related to how long ago the breach had occurred,” Damato said. “Most mature organizations are looking to drive down their mean time to response.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.