Tanium, an industry provider of converged endpoint management (XEM), released enhancements to the Tanium Software Bill of Materials (SBOM) that includes common vulnerability and exposures (CVE) information.
Tanium’s SBOM identifies software components on endpoints, including open-source software embedded in libraries within native and third-party software, enabling organizations to prioritize and remediate software supply chain risks with unmatched speed and scale.
In addition to several new risk and compliance features, Tanium also expanded support for ARM-based endpoints to help IT teams minimize blind spots and reduce the need for separate endpoint tools.
Software supply chain attacks continue to spike because of the increased reliance of organizations on numerous third-party suppliers and service providers. To keep a firm pulse on the threats facing today’s most vulnerable and highly targeted organizations, Tanium has added SBOM to its Vulnerability Management solution to find, prioritize and remediate emerging and zero-day vulnerabilities in the software components of applications, including open-source software embedded within application libraries, across all endpoints.
“Over 92 percent of applications contain open-source libraries that may contain hidden vulnerabilities like Log4j, OpenSSL, or Struts, which are exploited by attackers,” said Nic Surpatanu, chief product officer, Tanium. “Federal agencies, cyber insurance providers, and other organizations are increasingly requiring an SBOM for all utilized software. Tanium SBOM is the only solution on the market that allows organizations to identify and remediate software supply chain vulnerabilities in production. This empowers DevOps and SecOps to identify and mitigate risks across development, staging, and production environments.”
In addition to confronting threats introduced by reliance on open-source software, today’s organizations also grapple with evolving processor architecture. In fact, the use of ARM-based servers grew sevenfold between 2019 and 2022, and ARM-based computers are expected to make up 30 percent of all personal computers by 2026.
In 2022, Tanium rolled out support for endpoints running ARM-based processors from Apple and Amazon. With an eye towards futureproofing, Tanium has expanded its support to additional ARM-based endpoints running Oracle Linux, RedHat, and Windows 11.
“We expect the use of ARM-based processors to continue to grow for the foreseeable future due to its better performance and lower energy usage compared to x86-based processors,” said Vivek Bhandari, VP, product marketing at Tanium. “With these enhancements, Tanium continues to empower customers to find and bring missing endpoints under management and move away from point solutions towards a single, unified platform.”
The announcement coincides with a host of risk and compliance enhancements that will amplify the efficiency and efficacy of vulnerability and risk management programs, while reducing the need for disparate point solutions. These include:
- ESXi Support – New compliance and vulnerability assessments of ESX and ESXi hypervisors via vCenter APIs empower security teams to view and perform risk assessments on all virtual servers efficiently.
- CISA Known Exploits and Vulnerabilities (KEV) – Tanium’s vulnerability assessments now include CISA KEV information on the most dangerous and active exploits, eliminating the need for manual analysis, instantly prioritizing high-risk CVEs for remediation with its integrated remediation options.
- Exception Management – Tanium’s Risk and Compliance solution offers the ability to create exceptions for compliance and vulnerability findings with valid reason or expiration date, enabling organizations to focus on areas that need immediate attention.
- Benchmark Enhancements – A page within Tanium Benchmark allows customers to quickly visualize the health of their key operations and security metrics.
As organizations continue to embrace digital transformation, comprehensive endpoint visibility, control, and remediation at scale and in real-time are crucial to mitigate risks from cyber threats of today – and tomorrow.
To learn more about these enhancements, join the Tanium Innovation and Technology Update from 11 to 11:30 a.m., (PT) on Wednesday. Register today.
Visit www.tanium.com for more information.