Eliminate vulnerabilities in the software supply chain faster


Attacks on the software supply chain continue to increase, due in part to companies' increasing reliance on numerous third-party vendors and service providers.

To keep a close eye on the threats facing today's organizations, Tanium has now added SBOM to its vulnerability management solution.

Open Source Software Threat

"Over 92 percent of applications contain open source libraries that can contain hidden vulnerabilities such as Log4j, OpenSSL or Struts that attackers can exploit," said Nic Surpatanu, Tanium's chief product officer. "Tanium SBOM is the only solution on the market that enables companies to identify and remediate vulnerabilities in the software supply chain within production. This enables DevOps and SecOps to identify and mitigate risks in development, staging and production environments."

Support for ARM-based end devices

In addition to the threats posed by reliance on open source software, organizations today also have to deal with constantly evolving processor architectures. In fact, the deployment of ARM-based servers increased sevenfold between 2019 and 2022, and ARM-based computers are expected to account for 30 percent of all personal computers by 2026. In 2022, Tanium introduced support for devices with ARM-based processors from Apple and Amazon. With future-proofing in mind, Tanium has expanded its support to more ARM-based endpoints running Oracle Linux, Red Hat, and Windows 11.

More effective vulnerability management

Tanium also announces risk and compliance enhancements that will increase the efficiency and effectiveness of vulnerability and risk management programs while reducing the need for disparate point solutions:

ESXi support: New compliance and vulnerability assessments of ESX and ESXi hypervisors via vCenter APIs enable security teams to view and perform risk assessments for all virtual servers.
CISA Known Exploits and Vulnerabilities (KEV): Tanium's vulnerability assessments now include CISA KEV information on the most dangerous and active exploits, eliminating the need for manual analysis and immediately prioritizing high-risk CVEs for remediation with built-in remediation options.
Management of exceptions: Tanium's Risk and Compliance solution provides the ability to create compliance and vulnerability detection exceptions with a valid reason or expiration date, allowing organizations to focus on areas that require immediate attention.
Benchmark improvements: A new page within Tanium Benchmark allows customers to quickly visualize the health of their key operational and security metrics.

More at Tanium.com

About Tanium

Tanium, the industry's only Converged Endpoint Management (XEM) provider, is leading the paradigm shift in traditional approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, compliance, security, and risk into a single platform. The Tanium platform provides comprehensive visibility across all devices, a unified set of controls, and a common taxonomy.