Tanium - The all-in-one in detecting and securing you and your organisations from attacks
February 28, 2018

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Tanium

Tanium is used by the data security and networks team in our organization. It plays a key role in identifying our infected machines and the list of malicious applications on our machines. It helps us add IOCs in the console, which helps in identifying the hashes or SHA files associated with that IOC's machines. It really helps to solve many business problems. You can use it for asset management and also to create the list of infected machines with any vulnerabilities, which is a great help to many organizations in protecting their network.
  • Tanium helps in identifying a list of infected machines with any vulnerabilities. For example, if we create a package with a list of Windows vulnerabilities, it will push the package through its sensors to all the nodes, and trace out the infected machines in our organization.
  • It helps in adding IOCs, which helps us track down the hashes or SHA files existing with that IOC's machines.
  • The most impressive thing about Tanium is that it can quarantine the machine of our choice without connecting to the network, which really helps a lot of times in containment of any infected machines.
  • One issue is its ring topology, as the data is stored in central hubs and pushed through its peer nodes. If the central hub fails, then the associated node will also result in failure.
  • Another problem is that all Tanium management is on premises, requiring the customer to maintain it. If we want to ask for any help from Tanium support, we always get a response like "you are maintaining it yourselves and it's your responsibility."
  • The Tanium User Interface could be improved a bit as, although the tool is rich in performance, a more impressive UI might really attract new customers.
  • Adding the IOCs, tracing infected machines, and removing unwanted applications quickly.
  • Quarantine the infected machine from the network in order to prevent it from causing damage or infecting other machines.
  • The user interface could be improved.
Tanium is best for identifying infrastructure infections, and it is easy to use, where a user who has basic English knowledge can search his queries very easily. Tanium's exceptional feature is quarantining the machine from the network, and this is a really impressive feature which should gain them new customers. Tanium helps in removing the suspicious application quickly, which saves time and manual work.
Tanium is suitable in any sort of organization where you want to look at your machines and what kind of applications they are running. One good example is removing an application from where it is not supposed to be in the organization. By using Tanium trace with basic English, first you can search all the machines which have that application, and second you can create a package either through a PowerShell command or CLI command and remove that application from all the machines at once. This really saves a lot of manual work and time, and also helps in balancing assets across an organization.