Gaining Visibility into Boot Start Kernel Drivers Before they Lead to Outages

The cybersecurity industry and enterprises were shaken by a high-profile July 2024 endpoint security software incident in which its boot-time driver failed, bricking systems worldwide and causing significant business disruption and associated financial losses. Beyond making executives' reading lists, drivers continue to land on analysts' radar too, as a variety of malware is also known to exploit and abuse drivers.

Enterprises began asking: do I have kernel drivers that I don't know about that are making me vulnerable to such impactful incidents?

This talk brings forward a customized solution delivered via Tanium, which attendees can use to discover drivers in their environment, see whether they are expected/authorized, and remediate the unexpected, or gain greater awareness of their environment and of the critical points to watch that can cause a crippling outage like the one described above. Attendees will learn not only about this specific use case but also about custom sensor development and the ability to run code (and retrieve its output) at scale using Tanium.

Additional details:

Session Tag: Incident Response
Session Type: In-Person, Breakout