Incident Response starts with having clear visibility.

Tanium Threat Response is a key component to the incident response lifecycle at Lowe's. The Tanium Platform can be leveraged in multiple ways including for real time visibility, for specific solutions needs/gaps, to augment existing solutions, and serve as a data pump across your organization.

Lowes is aligned to the NIST-SPOO-61r2 (Incident Response) lifecycle and has leveraged Tanium throughout its major phases including Preparation, Detection and Analysis, and Containment Eradication & Recovery.

Tanium is used through these phases including foundational visibility that Tanium provides along with capabilities in Discover, Comply, Enforce, Deploy and Threat Response.

During the course of the Preparation phases, Tanium was identified as providing coverage across many of the CIS controls. Tanium in conjunction with Lowe’s other tools provided full coverage of CIS controls.

Tanium was able to extend capabilities of already embedded tools such as Microsoft Intune.

Lowe's will continue to build out and expand Tanium capabilities across the enterprise.

Focus will be on rolling out/further rolling out Patch, Certificate Manager, and Performance.

Additional details: