Each group in our organization is managing a separate sets of data on the same endpoints. Finding the go to people to gather subsets of data greatly slows the speed of being able to respond to data requests and find problems. Due to the effort involved in finding data from different sources, the age of the data caused inaccuracies in the results.

Tanium started out in our environment as a SOC tool, but has involved into being the most complete and single source for information in our organization.

Initially we started using Tanium for SOC investigation and security agent reporting of endpoint health state. Due to Tanium being on every endpoint it became valuable to our organization outside of the security realm. We are now using Tanium to identify problems with applications, beginning to use it to age out unused software to free up license requirements and reduce risk footprint. Tanium has brought a level of fidelity in our data that would take sometimes weeks to get the information needed. This is allowing us to respond to issues quicker and even automating the process.

We have now using Tanium to automate the deploy security agents where missing. Our future is to further automate the troubleshooting process, and eliminate tasks that would have to be done by a technician to remediate. This allows for our technical staff to focus on more complex issues and projects.

Tanium has allowed Aegon to have better and more accurate data to make decisions in a more timely manner. It also also brought attention to areas in our organization the needed improvement, this is due to the visibility across multiple organization layers.

In May we shipped the first edition of Tanium Digital Employee Experience (DEX) and 6 months later the product is already gaining traction in the marketplace. In this session we will quickly recap all of the functionality that shipped in v1.0 and then we will focus the majority of our time on what we’ve learned so far and how we’re translating those learnings into an exciting roadmap.

Within a month of using Tanium we discovered an additional 6k endpoints, started managing them, and started monthly patching for all workstations. Being able to clearly present accurate, real-time metrics and KPIs to show progress for Vulnerability Management to a non-technical C-suite was a challenge. I asked Kevin if he could find a way to pull the raw data from the Tanium platform, so we had accurate data rather than the summarized data that the platform usually provides. He reached out to Chaitanya and they were able to create a way to forward the raw data to a database that we could then pull from with PowerBI to present for our executive metrics reporting. By utilizing Tanium, we have been able to remediate over 400k critical and high vulnerabilities in our environment in just a few short months.

This session will cover updates to the Tanium Endpoint Management portfolio including new and enhanced capabilities for endpoint provisioning, configuration, patching, and software deployment along with what is on the roadmap for the coming year.

File Integrity Monitoring is known for being noisy. With a large deployment and over a million daily events we found ourselves with a haystack where finding needles was nearly impossible. Follow along our journey to reduce the size of the haystack via various techniques and how we implemented a Machine Learning model to find the needles and other benefits it provides.

Learn how the power of strategic platforms (Tanium + MSFT + NOW) deliver a complete organizational operating environment spanning IT and SecOps workflows.

Tanium helped transform vulnerabilty management at HCSC. HCSC next step of the journey is integration into ServiceNow and how that is going to transform patching at the firm.

Intercontinental Exchange (ICE) owns global systemically critical infrastructure, and as such we are able to partner with the US Government to test/ improve our overall security posture. In 2022 we conducted an engagement with the CISA Red Team, who conduct operations emulating a mid-sized nation-state threat actor. My presentation is a review of how ICE Incident Responders identified, contained, and eradicated their attackers in less than two days using Tanium Threat Response.

When you need information and don't have enough humans to find and log into a bunch of machines. What do you do? Automation is the answer and in this presentation, we will show you some of our custom solutions along with how the Speed & Scale of Tanium delivered results for our entire environment. These are just a few examples of how to lessen the use of the “Sneaker” net (humans wearing sneakers (Shoes) and walking to every machine) to gather information. After all our Humans are busy and if we can gather the information fast, quick and current then they can move onto bigger and better things.

At Frasers Group we have a history of major crises related to certificate expiries and generally poor management of certificates once deployed. We previously had no good solution in place to monitor certificates other than some crude CA exports. After a lengthy period of expensive downtime caused by certificate expiry, an internal “taskforce” was put together to determine the best way forward. In this talk, you'll learn why we chose Tanium Certificate Management as our solution and what we look forward to doing in the future.

In 2023 we've work hard to expand the capabilities of Tanium Incident Response with a focus on adding new functionality so that we can better augment the incident response capabilities from the world’s leading SIEM, XDR and EDR solution. In this session we will quickly recap all of improvements that we have delivered in 2023 and then we’ll discuss what we’ve learned and translated into an exciting roadmap.

Join us by the fireside as we ignite a conversation around the Tanium and Microsoft partnership. Discover the dynamic synergy of Tanium and Microsoft uniting their strengths and forging an unstoppable alliance in cybersecurity. Grab the ember-ella and join us as we unveil the magic of melding two industry titans, and dive into the ways we built the kindling, added the "logs", and used the "win"-ds to flame the fire!

TransUnion struggled to manage MDE before the Tanium & Microsoft Partnership. After the partnership not only has health gotten exponentially better but the business is exploring moving to strictly MDE globally. TransUnion has been a customer since 2017 so there extensive knowledge of Tanium will be insightful for guests.

Education is one of the top sectors for Ransomware attacks, seeing 44% increase in cyber attacks last year. These institutions have a lot to protect, from staff and student data to critical research as well as, for university hospitals, confidential patience medical records.

With disparate networks, endpoints and locations, how can these vital organisations keep their data safe and allow their organisation to effectively operate. In this session you will hear from three universities on how they face this challenge head on with Tanium.

During the Converge conference held last year, I had the privilege of recounting my quest for an optimal patch management solution that could fulfill a set of pivotal requirements. This pursuit led me to the discovery of Tanium, a solution that not only satisfied our needs but exceeded our expectations.

We diligently sought a user-friendly, seamlessly integrated patch management solution that would not burden us with unnecessary complexity.

The automation of our patching process became the bedrock of our overarching philosophy. While we acknowledged the criticality of patching, we were steadfast in our determination to minimise the allocation of excessive time and effort to this task alone. As our patching processes and workflows matured, we ventured into exploring additional use cases beyond the realm of patch management.

This year, I am delighted to share how Tanium has evolved from a patch management solution to become a cornerstone of our endpoint security strategy.

This session will cover the significant developments in 2023 in the Risk and Compliance portfolio such as SBOM Vulnerability Assessments, Exception Management, and new Benchmark metrics. Our product experts will also provide you with an overview of new functionality coming over the next year for vulnerability and compliance scanning and industry benchmarking.

The 2023 White House National Cyber Security Strategy emphasizes the Federal Government's commitment to improving the nation's cybersecurity following recent costly events. As a Federal Systems Integrator, SAIC architected a comprehensive compliance process called Continuous Authority to Operate (c-ATO), which reduces the time and agency resources required for yearly ATO approvals.

SAIC’s Zero Trust model focuses on Identity, Devices, Network/Infrastructure, Applications, Data, and services visibility/analytics. The Tanium XEM platform operationalizes the c-ATO framework by enforcing policies and fixes, ensuring important devices are compliant. These integrated solutions offer enhanced security, asset tracking, patch and system updates, and insights to maintain system security in a highly dynamic environment.

In this session, we'll explain c-ATO, its alignment with NIST-800 53 and NIST 800-207, and how automation and integrations remediate issues. This solution benefits any Federal Agency as well as any commercial enterprise managing IT compliance frameworks.

Tanium has addressed two of our main problems: 1) Information inconsistency and visibility and 2) Disparate system used by IT teams across the globe. In this talk, you will learn how we became more efficient and became an enabler for other IT teams, now have better data within our CMDB, leading to much better remediation planning. We’re currently in the process of phasing out SCCM, migrating use-cases such as Software Deployment to either Intune or Tanium, with most currently moving to Tanium and exploring how to expand the value of Tanium via other areas of the Tanium XEM platform such as digital experience, certificate management, and remote screensharing, and how to ensure that our IT community actually users Tanium on their day to day.

Background: 8000+ High/Critical vulnerability and compliance findings. ​ Communicating vulnerability and compliance findings with actionable data was difficult.​ Reporting a downward trend in findings to management was lacking.

Approach: Used Tanium + Palo Alto XSOAR + ServiceNow to accomplish automated reporting on vulnerabilities and assign incidents to necessary organizational units.

Findings: Massive decrease in vulnerability and compliance findings on servers after implementing an automated workflow between Tanium and its integrations.

Roadmap: Automate reporting on workstations, application vulnerabilities, and compliance findings to necessary organizational units and stakeholders.

Conclusion: Tanium and its available integrations prove to be one of the most advanced and useful security tools on the market. It has proven to assist in drastically decreasing the vulnerability and compliance findings at Perrigo.

With constantly evolving business, technical, and regulatory requirements organizations must evolve as well by prioritizing differently and delivering solutions that meet their business challenges. Many organizations find themselves with 30+ separate cybersecurity tools and technologies deployed due to the rapid decentralization of the workplace. Ultimately, this has led to poor internal governance, disjointed security solutions, and directly impacted the effectiveness of security programs. To combat this requires consolidating into the appropriate cybersecurity tools and technologies and taking a modern approach that embrace production, innovation, automation, and satisfaction. During this session we will explore the modern workplace, technologies, and how to do more with less when it comes to building a modern cybersecurity solution.

Background: Before rolling out Tanium to our Manufacturing sites, each site used a very manual process to install patches, software, updates, etc. It was not a uniform process either, some sites used SCCM, manual updates, or didn't update at all just because it was so difficult.

Approach: Tanium was installed/in the process of being installed on all Manufacturing clients/locations. Once Tanium was installed processes to push out patches were created and now we have any easy way to install software on Manufacturing devices without having to manually install the software one by one or via SCCM. Specifically, we are using Tanium to deploy a new Anti-virus solution, and to remove the old AV tools. This saves a ton of time.

Findings: Manufacturing has a lot of use cases for using Deploy to push out software or updates to sensitives clients. Either via self-service, or admin deployment. Manufacturing uses this flexibility which also does not require a reboot. We have used self-service/deployments to install CrowdStrike AV and set up proxy servers at various Manufacturing plants without manual intervention.

Roadmap: Continue to use Deploy to push out CrowdStrike and other software to Manufacturing.

Conclusion: Tanium has allowed us to update our Manufacturing devices at a staggeringly fast rate. We no longer have uncoordinated rollouts of tools and updates. Plants/sites are more organized and running more efficiently.

In the ever-evolving landscape of cybersecurity with higher education, our journey began with a complex blend of tools to manage patching, network discovery, and security posture. We navigated a challenging terrain where threat research, compliance enforcement, and asset detection were a constant struggle. The lack of holistic device management cast a shadow of doubt over our security efforts.

Attend this session to learn how Tanium proved to be a beacon of light, converging a myriad of tools under a single, unified agent, instilling confidence in our security endeavors and becoming a game-changer in our quest for enhanced security and streamlined operations.

This session will cover a recap of new common platform capabilities added over the last year and what's on the roadmap for the coming year. This includes platform and client improvements, asset discovery and inventory, new devices and container support, automation with playbooks, data expansion including unmanaged assets, endpoint change management, and more.