Published on October 20, 2020
Today’s Remote Workforce Needs Stronger Endpoint Protection
Many organizations are adopting work-from-home and bring-your-own-device (BYOD) policies, which makes corporate users and endpoints more remote and distributed than ever. According to the 2020 Global Incident Response Report from Carbon Black & VMware, 53% encountered or observed a surge in cyberattacks exploiting COVID-19, specifically pointing to remote access inefficiencies (52%), VPN vulnerabilities (45%), and staff shortages (36%) as the most daunting endpoint security challenges.
Having a remote workforce makes organizations more vulnerable to cyber threats, especially on endpoints that are no longer located within the organization’s secure network. In order to detect threats on endpoints, organizations need stronger endpoint telemetry and analytics capabilities. Traditional endpoint protection systems, which depend on limited endpoint telemetry and rule- or signature-based protection to identify threats, cannot protect against today’s sophisticated threats due to missed alerts and false positives. Security analysts realize that endpoints are an increasingly critical vector for advanced threats and that these endpoints need to be protected.
Stop Advanced Cyber Threats Faster with Securonix and Tanium
We are excited to announce Securonix’s integration with Tanium. Together they provide organizations with stronger analytics to detect and respond to previously unknown threats across remote endpoints. The integration between Securonix and Tanium boosts threat detection by bringing together the best of endpoint security and security monitoring as a packaged solution. Securonix’s integration with Tanium includes over 50 out-of-the-box Tanium queries and over 80 out-of-the-box use cases across multiple product modules, including Tanium Asset, Tanium Threat Response, and Tanium Comply.
Transform Your Endpoint Security Investment
Securonix’s strategic integration with Tanium creates a unified solution that provides the enhanced visibility and context needed to detect and respond to threats on endpoints. Securonix ingests endpoint telemetry from Tanium and enriches it with additional context to quickly detect and respond to advanced threats. Securonix provides advanced behavioral analytics to detect threats that are hard to find or are unknown, such as malicious code that hasn’t been seen previously.
Customer benefits include:
- Improved Threat Detection: Combine rich endpoint telemetry from Tanium with the advanced behavior analytics of Securonix to detect and prioritize high-risk threats.
- Quick Time to Value: Securonix provides out-of-the-box integration and content for Tanium.
- Faster, More Accurate Searching: Securonix enriches Tanium events with additional context, including identity, asset, network, and threat intelligence, significantly reducing the amount of time required to perform root cause analysis.
- Reduced Mean Time to Respond and Remediate: Securonix provides out-of-the-box incident response playbooks for Tanium as part of its SOAR content. Customers can use these playbooks to automate incident response actions and significantly reduce the time to respond to incidents.
Security operations center (SOC) analysts can detect threats more quickly when Securonix enriches endpoint telemetry in real time. Securonix provides more than 80 out-of-the-box use cases covering insider threats, account misuse, account compromise, and anomaly detection, as well as insights into assets and patch management. Securonix uses threat chains, in combination with the MITRE ATT&CK Framework, to stitch together related alerts and prioritize threats.
Securonix Analytics Use Cases
Table 1: Use Case Mapping to Threats from Tanium and Securonix
Tanium strengthens Securonix by providing complete visibility and control over your endpoints – no matter where they are located. Securonix empowers SOC teams with UEBA and context-based alerts so they can detect threats and high-risk events quickly and accurately across remote networks.