Tanium Improves EDR With Threat Response Security Platform

Tanium evolves its endpoint detection and response capabilities with a new offering that combines multiple security features to help rapidly find and remediate threats.


Security startup Tanium is evolving its endpoint detection and response (EDR) capabilities with a new offering called Threat Response. The technology expands on the company's previous efforts, including Indicator of Compromise (IOC) Detect, Tanium Trace and Tanium Incident Response.

"Tanium has been delivering incident response, forensics and investigation capabilities for over two years to our customers, and this launch is about bringing those capabilities to the next generation," Ryan Kazanciyan, chief security architect at Tanium, told eWEEK.

Tanium was founded in 2007 by David and Orion Hindawi, who previously had started endpoint security system management vendor BigFix in 1997. The company has raised $407 million in funding to date, including a $100 million round announced on May 25. Tanium's core platform enables organizations to rapidly gain visibility and manage systems at scale.

Kazanciyan explained that with Threat Response, Tanium is taking what it already does with the company's core platform and applying that to do more comprehensive real-time detection and alerting, as well as providing advanced workflow capabilities.

"With Threat Response, we're providing more out-of-the-box intelligence to help our customers detect and respond to more types of attack activities," he said.

Threat Response integrates with and expands on what had been multiple separate modules on Tanium's core platform, including IOC Detect, Tanium Trace and Tanium Incident Response. Kazanciyan explained that the new Threat Response offering represents a complete redesign and overhaul of the prior capabilities.

"What was formerly thought of as multiple separate components that loosely worked together is now one single offering," he said. "By being all together and with the addition of new features, Threat Response is now a much more comprehensive solution than what we had before."

Incident response can often involve the need for professional services, though that's not what Tanium is providing. Kazanciyan said Threat Response is a software service and not a professional services engagement. That said, he added that Tanium has an endpoint detection and response threat intelligence team that provides value to customers.

"We remain a pure software company, and when it comes to professional services we choose to partner with third-party firms that use Tanium," Kazanciyan said. "We have a number of partners that we have worked with for years, including PriceWaterhouseCoopers and Accenture."

Kazanciyan came to Tanium with a background in incident response professional services, joining the company in May 2015 after spending six years at FireEye Mandiant as technical director and incident response functional lead. 

"In the two years I've been at Tanium, I've got a better appreciation for how clearly systems management ties into security operations," Kazanciyan said. "I came to Tanium with a strong background in incident response and forensics, but little experience in the day-to-day operation world.

"It has been really informative for me to see how many security problems can be fixed with good IT practices," he said.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.