Tanium IOC Detect

Data Sheet
Tanium IOC Detect makes threat detection actionable and efficient by consolidating and
translating threat intelligence data from multiple sources to automatically detect complex
indicators of compromise across millions of endpoints in seconds.
Too Much Data, Not Enough Time
Modern cyber attacks are becoming more frequent, alarmingly stealthy and
terrifyingly efficient as polymorphic malware continues to bypass traditional
signature-based preventative measures and wreak havoc on high value assets.
Industry leaders, enterprises and government organizations are now fighting back
by investing heavily in security research to identify the unique characteristics of
these threats, and also by collaborating with community efforts dedicated to
combating cyber crime.
Unfortunately, security analysts and incident response teams within these
enterprises and government organizations are unable to take advantage of the
wealth of threat intelligence now available to them, because they do not have any
means to analyze this volume of complex data and remediate accordingly at the
speeds and scales required to stop attacks already underway.
At A Glance
● Automates IOC scanning and reporting
● Analyzes IOCs across millions of endpoints with results back in seconds
● Supports industry standard formats such as OpenIOC, Yara, and STIX
● Integrates IOCs from internal sources as well as external threat intelligence providers
The Tanium Difference
The Tanium Endpoint Platform is the first and only enterprise platform that empowers security and IT operations teams with 15-second
visibility and control to secure and manage every endpoint, even across the largest global networks. Its patented architecture transcends
the inherent limitations of hub-and-spoke technologies by harnessing the speed of low-latency local area networks coupled with a
minimal, cost-saving infrastructure that effortlessly scales to millions of endpoints without the need for ongoing addition and maintenance
of supporting servers. The Tanium Endpoint Platform delivers the speed, scalability and reliability necessary for defending against today’s
threat landscape.
Tanium IOC Detect Overview
Tanium IOC Detect, a module of the Tanium Endpoint Platform, provides the most adaptable and integrated threat detection solution
available. Tanium IOC Detect can evaluate complex indicators of compromise (IOCs), which may contain dozens of attributes such as filenames,
registry settings, IP addresses, MD5 hashes or even observable suspicious behaviors, on endpoints across networks of any size and return
results in seconds. In addition, Tanium IOC Detect enables security teams to easily consolidate their threat intelligence data from
multiple sources and automate their detection and remediation workflow to accelerate the path to neutralizing persistent threats.
Tanium IOC Detect supports industry standard formats such as OpenIOC, Yara, STIX and TAXII.
DS-TIOCD-072015
© 2015 Tanium, Inc. All rights reserved. Tanium is a registered trademark of Tanium, Inc. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.
Key Features
IOC Detection On Every Endpoint In Seconds
Tanium IOC Detect greatly accelerates threat detection by allowing for multiple IOCs to be evaluated in a single scan with minimal impact to
the endpoint and network, and it also makes the process trivially simple by automatically translating complex IOCs into questions that the
Tanium Endpoint Platform can ask every endpoint with just a single click.
Automated IOC Detection
Threats can strike at any time, so having to manually seek
them out on an ongoing basis places a heavy burden on
security teams, because this responsibility becomes
progressively more time consuming as new threats continue
to emerge. With Tanium IOC Detect, security teams have the
flexibility both to automate IOC scans across the entire
enterprise and to perform quick ad-hoc scans against
just a select group of endpoints, ensuring that there is never
a lapse in threat detection.
Threat Intelligence Integration
Tanium IOC Detect provides integrations with leading
commercial threat intelligence providers like ThreatStream
and iSIGHT Partners, as well as open platforms like Soltra
Edge. Tanium IOC Detect simplifies the process of unifying
relevant threat intelligence across multiple sources and
transforms the Tanium Endpoint Platform into the fastest
and most cost effective threat detection solution.
Automate IOC detection across millions of endpoints with accurate results back in seconds.
Supports OpenIOC, Yara, STIX and TAXII
Tanium IOC Detect supports custom IOC definitions structured in popular industry standard formats such as OpenIOC, Yara and STIX.
Tanium makes it easy to share threat data internally across teams, and provides the flexibility to create new IOC definitions or enhance
existing ones that conform to these open standards, so they can target specific organizational needs or considerations.
System Requirements

Server Requirements¹

Managed Endpoints                                  Up to 35,000      Up to 150,000      Up to 400,000
Hardware Requirements (Tanium Server / Database Server)
  Processor Cores (Physical)                       16 / 8            40 / 32            80 / 64
  Memory                                           24 GB / 16 GB     128 GB / 64 GB     256 GB / 128 GB
  Disk Space²                                      400 GB / 1 TB     1.5 TB / 4 TB      3 TB / 10 TB
Software Requirements
  Operating System                                 Microsoft Windows Server 2008 R2, 2012 or 2012 R2
  Database Version                                 Microsoft SQL Server 2008, 2012 or 2014

Client Requirements¹
● Microsoft Windows 2000, XP, Vista, 7, 8 or Windows Server 2000, 2003, 2008, 2012³

¹ For more detailed information visit https://kb.tanium.com/System_Requirements
² Disk space requirements are approximations and actual values may vary depending on usage and use cases.
³ Tanium IOC Detect requires .NET Framework 4.5 or higher.
ABOUT TANIUM
Tanium gives the world’s largest enterprises and government organizations the unique power to secure, control and manage millions of endpoints across the
enterprise within seconds. With the unprecedented speed, scale and simplicity of Tanium, security and IT operations teams now have complete and accurate
information on the state of endpoints at all times to more effectively protect against modern day threats and realize new levels of cost efficiency in IT
operations. Visit us at www.tanium.com or follow us on Twitter at @Tanium.