Cybersecurity industry and enterprises were shaken with the July 2024 CrowdStrike incident, in which its boot time driver failed, bricking systems worldwide and causing billions of dollars in damage. Enterprises began asking, "Do I have Kernel driver that I don't know about that makes me vulnerable to such failures?". This session brings forward a customized solution delivered via using Tanium in which attendees will be able to discover drivers in their environment and see if they're expected/authorized. Remediate the unexpected/have greater awareness of their environment and critical points to be watchful of that can cause another CrowdStrike like fiasco in their environment, Attendees will not only learn about this specific use case but also about custom sensor development and ability to run code at scale using Tanium.

Additional details: