Day One Tanium Converge 2024 Highlights: Gaining Confidence in Today’s Security Landscape

Day one of Converge 24, our annual tech conference currently taking place in Orlando, Florida, set the stage for an inspiring journey into how Tanium empowers organizations to navigate the complexities of modern environments and cybersecurity by enhancing their ability to gain insights, execute critical actions, and govern their operations with oversight.

This year, our event is centered around the importance of building confidence, trust, and resiliency by bringing IT operations and security teams closer together, which is more crucial than ever in a world where sophisticated cyber threats, economic uncertainty, geopolitical tensions, and unexpected outages pose significant challenges.

“We are honored to serve alongside you during these challenging times,” said Tanium CEO Dan Streetman to the more than 3,000 in-person and virtual attendees streaming the event. “Our promise to continue serving alongside you remains unwavering.”

He explained how we continue to demonstrate our commitment to providing a reliable, trustworthy platform that you can feel confident provides real-time data, autonomous insights, and the highest quality control standards to support your ability to build organizational confidence and resiliency for whatever comes your way – and how we are the only provider able to effectively, successfully, and confidently deliver an autonomous IT and security solution.

We want you to be confident that you can ask questions and act with absolute certainty.

What the Power of Certainty^™ means to our customers

We’re excited to celebrate the impressive outcomes customers are already achieving with the help of the Tanium platform at Converge.

During his keynote, Dan was joined by Tanium customers from industries commonly targeted by threat actors to discuss their everyday challenges and how Tanium is vital to building their confidence and resiliency.

CIO Chin Okorafor at PNC Bank shared the importance of partnerships, including the essential collaboration with his CISO and the ability of Tanium’s real-time data to power joint solutions with vendors like ServiceNow has driven significant operational efficiencies, more data confidence, improved automation, and meaningful time savings for PNC’s security team and the overall business.

Senior Vice President Global Cyber Security Services at Fiserv Pam Gott discussed the challenges financial services organizations face, her team’s role in protecting clients, and the importance of understanding the environment to close the gaps and stay ahead of threats effectively. She talked about how Tanium’s real-time data adds value and how, by ensuring Tanium is accessible to teams across the organizations, Tanium makes everyone’s job more effective. She also discussed the value of automation in allowing teams to focus on innovations by making it easier to achieve auto-remediation and fix vulnerabilities in real time.

Dan then introduced a customer video highlighting NEC Corporation and Tanium, which provided real-world examples of successful implementation and the benefits achieved by utilizing Tanium for centralized management of IT asset information and vulnerability management to gain better visibility into security status, speed vulnerability detection, and improve response.

The demands of tomorrow are going to require a new approach — one that delivers on the promises of AI and automation.

Why Tanium is the Real-Time Platform for AI^™

As Dan described, we believe Tanium is the only platform capable of delivering autonomous technologies by providing three critical capabilities: real-time data for immediate decision making, a converged architecture unifying disparate solutions, and reliable automation backed by data from millions of endpoints.

With real-time data and AI/ML, Tanium enables faster, better decision making, improving security and resilience to enable organizations to avoid costly disruptions, mitigate risks faster, and increase operational efficiency through automation to drive more confidence in their ability to deliver the best outcomes.

Announcing Tanium Autonomous Endpoint Management (AEM)

We realize that as organizations continuously change to address the latest threats and challenges, our platform must also continuously evolve to meet and exceed the needs of IT and security teams responsible for addressing these challenges by continuing to empower them to do so in real time with Tanium AEM.

Supported by our platform architecture that works at cloud scale to provide real-time data and analysis, Tanium AEM delivers tailored recommendations about where to prioritize your efforts, provides a confidence score about the probability of whether an action will achieve the desired result, the opportunity to automate these changes in real time, and improves availability and reliability through the use of deployment rings to ensure changes can be rolled out in phases instead of risky all-or-nothing change management approaches. And the great news is, if you have Tanium, you already have Tanium AEM.

In addition to the many prebuilt automation capabilities, Tanium AEM provides an AI-assisted, no- to low-code experience customers can use to create custom playbooks to automate an endless number of complex and time-consuming task sequences with ease and confidence.

Read the Tanium AEM Solution Brief

How Tanium enables AI solutions

Dan explained how this crucial ability – providing an immediate view of real-time data within a single platform that delivers a range of autonomous solutions for endpoint management, risk and compliance, incident response, and digital employee experience – is not only what allows organizations to make time-sensitive decisions with confidence across their entire IT infrastructure, but it’s also how we enable other AI-based solutions to leverage the only data that can be trusted: a consistent flow of real-time data.

Since he could not attend Converge because Microsoft Ignite is also currently underway, Dan shared a prerecorded conversation he had with Corporate VP of Cloud Ecosystem Security at Microsoft, Shawn Bice, about AI and automation, Microsoft’s initiatives around security, and the importance of real-time data from Tanium.

Dan was joined by Jason Revill, global security practice lead at Avanade, on stage to discuss the role of Tanium’s real-time data capabilities in our joint solutions with Microsoft. From switching endpoint detection and response (EDR) solutions quickly and securely to increasing visibility into endpoints, Jason highlighted how Tanium is core to powering the solutions that allow Avanade to address pain points and deliver greater value to customers.

Alix Douglas, GVP, partner solutions at ServiceNow, was then welcomed to talk about the joint initiatives between Tanium and ServiceNow that are driving faster insights, AI-driven workflows, and better governance as part of our shared vision to put customers and partners in the center of our solutions. While this partnership began with integrating real-time data into CMDBs, it has expanded to include several joint solutions, including the latest with Now Assist.

Alix described how companies are always looking to simplify and secure their environments and how ServiceNow and Tanium allow organizations to achieve value across an organization by addressing the differing needs of teams like IT and security in a single view, increasing operational efficiency and resiliency with reliable, real-time data that drive automation capabilities and actionable insights.

Dan’s keynote ended with a video of Tanium customer GRAND Mental Health to highlight how our platform is helping improve its resiliency and the transformative power of real automation in safeguarding organizations.

Utilizing Tanium’s Deploy and Comply modules, we reduced the time needed to address vulnerabilities by approximately 96 percent. This allows us to focus instead on more strategic improvements in our organization to better help our clients.

Converge day 1 afternoon keynote highlights

After lunch, Converge attendees reconvened for an action-packed afternoon that kicked off with another customer video from Colgate, which highlighted its success in using Tanium solutions to leverage real-time data, gain deeper visibility into all its assets, and use automation to bring collaboration and up-level the human capability to respond quickly to any incidents with efficiency and confidence.

Tanium VP of Product Marketing Vivek Bhandari was welcomed to the stage and spoke about the paradigm shift of AEM and its ability to improve outcomes. He then invited Tom Cipolla, senior director analyst in the digital workplace infrastructure and operations team at Gartner, to give his industry perspective on the issues that drove the creation of autonomous endpoint management as a new market category.

Tom discussed the retirement of the unified endpoint management category at Gartner. After looking at the industry holistically, he identified that organizations needed to move faster and spoke about the journey to a solution like autonomous endpoint management.

What is AEM? As defined by Gartner, “Autonomous endpoint management (AEM) combines capabilities of unified endpoint management and digital employee experience tools with AI and machine learning to accelerate endpoint patching, configuration and experience management. The AEM approach will eventually replace disparate tools and architectures with cloud-based, intelligence-powered capabilities. AEM reduces IT overhead, increases compliance and enables efforts to be redirected toward employee enablement and business-value-added work.”

Tom explained that today, organizations rely on manual processes for identifying, fixing, and patching vulnerabilities, ultimately leaving organizations questioning whether these efforts were successful.

Where does AEM come in? Looking at the same process through an AEM lens, organizations can use AEM to automate scanning for new vulnerabilities and then remediate them. Using an external confidence score to determine risk thresholds, organizations can also deploy fixes with the ability to define success leveraging digital employee experience (DEX) and sentiment scores – insights no amount of device telemetry is going to detect.

By simply asking employees whether everything is normal after a patch, you can measure sentiment and also use the data to determine whether to advance to the next ring. Compared to traditional workflows, change control can be interjected where needed when using AEM, but all the manual processes are removed.

Where does AEM fit in with collaboration? Tom described that while AEM lets you move fast, it’s also designed to protect the experience, and he reinforced that “experience is not optional.”

Cybersecurity generally wants increased resilience, and ITOps generally want an increased experience – but you can bring these teams together and get them on the same mission by being able to detect problems in real time and stop the blowbacks.

At the end of the day, resiliency involves experience as well. We have to break the myth that ITOps and SecOps have different missions. They have the same mission: it’s called resiliency. They just care about it in different dimensions.

What does AEM look like in the future? Tom sees AEM as a journey that will continually improve over time. Right now, autonomous capabilities have been focused on patching, but he sees opportunities to extend these insights to configurations, real-time posture assessment, and reaction capabilities.

If you’re not making decisions based on real-time data, you’re not really making decisions. You’re making assessments of the past.

With Tanium, you’re already equipped with Tanium AEM. We look forward to hearing more stories about leveraging AEM with Tanium and its ability to move teams forward.

Where Tanium is heading

Tanium CTO Matt Quinn provided this afternoon’s keynote about our broad technology direction and all things autonomous endpoint management, including a deep dive into the key challenges AEM is primed to help organizations solve and our vision for Tanium AEM now and in the future by focusing on three primary areas:

1. Trust and safety: We don’t want the changes that we make to our software to add to the complexity of your IT environment. We are going to continue to invest to keep endpoints safe as we make changes to Tanium.
   
   Matt discussed how our approach to progressive deployment, the Tanium Cloud Release Pipeline, reduces the risk of outages and gives us the ability to study the telemetry that we get from each of these stages for constant improvement. He also spoke about how our Endpoint Change Management (ECM), a feature in the Tanium platform, helps manage and control updates and changes to endpoints by allowing for scheduling and deploying in a controlled manner, ensuring that changes do not disrupt operations or cause performance issues.
   
   Additionally, by using a semi-annual release process, we are able to provide a single, stable patching process that reduces the headache of planning the time it takes and provides more predictability around upgrades.

We acknowledge the trust you place in us. Now, as we continue to innovate and advance our software, we hold your endpoints as the most important thing. Your endpoints and their safety supersede everything that we do.

2. Expanded endpoint visibility: Today, devices that were once isolated in factories or fields are now connected to your supply chains, customers, users, and personnel. These devices are now integral to your corporate life, making them richer targets for attacks. We are expanding what you can see within and improving the comprehensive insights of our platform.
   
   Matt spoke about what’s on Tanium’s platform roadmap, including our Endpoint Expansion project and our vision to provide customers the ability to seamlessly manage and secure across all connected devices – including cloud assets, mobile devices, web browsers, containers, operational technologies (OT), and Internet of Things (IoT) devices – bridging the gap between devices that are managed via agents deployed on them (“agent-based”) and those that do not have agents deployed on them (“non-agented”) devices.
   
   Tanium’s Endpoint Expansion strategy will provide a unified platform for real-time visibility, security, and control through entity providers like gateways, direct connections, and API integrations.
   
   During his keynote, Matt used the term “entity” interchangeably with endpoints to describe how Tanium is working to extend beyond what organizations think of as traditional endpoints. Matt introduced the concept of entity providers, which is a new mechanism that allows a client to answer questions and participate on behalf of many entities or endpoints. He explained how a user could be reimagined as an entity and joined to the devices that they own, which will open new workflows and reduce the time it takes to complete actions.

The truth that everyone here in this room should always recognize is that change at scale is hard.

3. AI and automation: We know that making changes at scale is hard, so we’re driving innovations around how we can sensibly leverage automation and AI to augment how we manage IT and security.

Matt spoke about our work in making the platform smarter and able to make changes at scale safely, including our efforts around improving how to manage resource access risk. He welcomed Ryan Andorfer, VP of platform engineering at Tanium, to the stage to discuss our new infrastructure access management tool – Tanium Jump Gate.

Announcing Tanium Jump Gate

Ryan explained how Tanium Jump Gate aims to remove standing access to systems and applications by providing SecOps practitioners “just enough” and “just-in-time” access through real-time checks, monitoring, and responses, along with audit trails of all activities performed during access sessions.

Tanium Jump Gate is a commercial version of the internal infrastructure access system we created that allows you to turn every Tanium client deployed in your environment into a jump gate, simplifying infrastructure access management by bringing order to the process while ensuring security and compliance.

The evolution to AEM

Matt reiterated how Tanium has historically focused on helping organizations with their core endpoints, but we understand that environments are constantly changing.

Matt explained how Tanium Cloud includes millions of machines with billions of Tanium sensors processing petabytes of data every day. The fidelity and diversity of this vast data enable us to bring AI to IT operations together.

With our efforts around improving trust and safety, expanding endpoint visibility, and revolutionizing how organizations can use AI and automation to improve their efforts, Tanium can now be everywhere your endpoints are. All the Tanium AEM systems showcased at Converge are additive to the Tanium platform – not a replacement. By owning Tanium, you automatically have Tanium AEM.

When we set out to build AEM, we did not want this to be an add-on. This is not something to the side. This needed to be an evolution of the Tanium platform itself.

Matt welcomed Tanium VP of AI Harman Kaur to talk about the current endpoint management landscape and the goals of AEM to improve the challenges organizations face today, including contextualizing data, understanding the impact, and managing change at scale.

She explained how we started the solution with the basics: building an automation and orchestration engine to actually help facilitate all of the autonomous controls, figuring out where you can foresee what a change might do to your endpoint before you even hit the deploy button, and creating a new way for you to help manage change at scale – a process that keeps you informed and dynamically manages those changes.

Harman shared how Tanium AEM, through real-time cloud intelligence, provides a better, safer way to manage endpoints using three classes of autonomous controls:

1. Insights with Tanium Guide: Tanium Guide globally benchmarks and analyzes a customer’s dynamic IT environment in real time to guide the next best action and change to take on their endpoints.
2. Execute with Tanium Adaptive Actions: Tanium Adaptive Actions drastically decrease response and remediation times on critical endpoints using intelligent automation informed by Tanium Guide’s benchmarks and analysis.
3. Govern with Tanium Action Oversight: Tanium Action Oversight puts the user in control of all aspects of its autonomous functions to provide visibility, remediation, and control at the right level of detail.

Harman then welcomed Tanium Staff Data Scientist of AEM Christian Schwantes to walk through Tanium’s Confidence Score, which gives you insights into whether changes will work before you make them. He also spoke about future plans to enhance Confidence Score.

Harman spoke about platform updates, including improvements we’re making around how you experience things across our modules, including Tanium Ask – our new AI-powered, natural language question bar designed to elevate your experience in searching for real-time data. Day two’s keynote will provide more insight into these updates.

She then thanked all the customers who provided feedback as part of the early beta and private previews for helping us improve and build AEM to meet their needs.

Matt chatted with David Anderson, systems analyst, tools and automation at VF Corporation, about his experience in the private preview for Tanium Automate. David explained that the original, primary use case for Automate had been for improving server patching – which used to require turning off and on services and collaborating between teams to achieve this. By using Automate, his organization is able to build a playbook to automate processes like turning off services, confirming they’re off, and sending emails when complete. Now, he plans to expand Automate across the environment for all patching and to address critical vulnerabilities.

Enhancing security with seamless integrations

Matt welcomed Tanium Director of Technical Product Management Shelly Sahani, who spoke about the need for more data when a security incident happens and the importance of accurate insights that reflect the current state of your environment. She explained how it’s not just about becoming faster; Tanium Intelligence is smarter and more accurate and doesn’t require you to switch platforms.

Tanium provides instant context where you need it, like having a security expert who knows all the details about your network at your fingertips and can also serve as a fact-checking service. It’s not just cloud security; it’s the oversight provided by Tanium that you need for continuous monitoring and instant insights.

Shelly described how Tanium has created deep integrations across the Microsoft ecosystem to provide unified visibility that dramatically reduces complexity, including Microsoft Defender for Endpoint, Azure, Sentinel, Intune, Security Copilot, and more, to transform the way you defend, operate, and work.

We’re not just reducing complexity; we’re actively fighting against it.

Matt introduced Tanium Field CIO of Strategic Partnerships Saqib Khan to talk more about ServiceNow integrations and what we’re building there. Saquib talked about how to put AI to work for your business and the combined power of AI with the Power of Certainty^™.

To illustrate these benefits, he walked Converge attendees through a demo of a high-risk event using the Tanium AI Assistant in ServiceNow. In the demo, he showed the ability to patch critical vulnerabilities at scale while working through the security incident and leveraging playbooks executed using ServiceNow. This highlighted how the Tanium AI Assistant can perform all the tedious tasks so you can worry about fixing the problems.

Saqib explained that because Tanium is an end-to-end patch management solution on ServiceNow, with Tanium’s intelligence guidance embedded into ServiceNow, the solution can recommend things like other high-risk events be added to the security incident and executing specific playbooks to quarantine or perform other actions as outlined in the playbooks.

When you think through automation changes, the automation of high-risk critical vulnerability patching can easily become unmanageable. However, being able to take highly complex, lengthy processes and reduce them into a single seamless workflow that takes only a few minutes to complete within a single platform makes automation simple.

The future of AEM: Supercharging Threat Response and beyond

Matt prefaced that what we’ve seen at Converge so far are only the first steps for AEM and how the next section will look into the future, including our plans for addressing the new attack vectors and technologies threat actors use every day.

For Threat Response, Tanium saw an opportunity to supercharge our offerings. To walk through the AEM roadmap, Matt invited Harman to come back to the stage, where she also invited Sr. Director of Security and Product Design Research Melissa Bischoping and Sr. Director of Product Management Stephanie Aceves to discuss more about the need for successful threat response that relies on real-time data.

Melissa spoke about her role at Tanium leading a team of researchers who pull apart all the details from incidents and events to equip customers with the capabilities and knowledge about where the adversaries are trying to hide by moving and thinking as fast as threat actors. She explained how Tanium wants organizations to be able to address all the aspects of the incident response lifecycle by working alongside our AI investments and leveraging the best in human brain power to give you the strategy and research you need to make confident decisions around the detection, hunting, mitigation, remediation steps, and hardening that enables you to be proactive.

Announcing Tanium HuntIQ

Stephanie then talked about how our products, threat hunters, and research all come together at Tanium. She announced HuntIQ, created because Tanium rejects the notion that there is a one-size-fits-all product — teams need data and intelligence based on their environment and threat landscape.

She provided an example of an unpatched vulnerability and how Tanium can provide insights around critical insights, like how this data may show that most customers are opting to mitigate instead of patch – but this means more opportunities for attack exploration. Using this data, organizations can make informed decisions about the next steps to take, including the ability to have HuntIQ rapidly propose, create, and perform robust hunts to identify attack behavior generated by people who know you and your environment. HuntIQ will be available for private preview soon.

Harman then spoke about how AEM is a multi-year journey and how we’re just getting started. We have plans to continue building on top of our strong foundation in the future, including expanding Confidence Score models, smarter deployment rings, and more integration and automation across our modules as well as third parties.

Looking forward to even smarter automation with Tanium AEM

Matt closed the day one keynote by speaking about the design goals and offering additional insights on the future of Tanium AEM, including expanding our endpoint solutions and autonomous innovations while continuing to prioritize helping customers build resiliency and confidence to combat the next waves of challenges by fundamentally changing how they manage and define endpoints.

He also spoke about our innovations around making automation even smarter, including making automation start asking you questions. For example, rather than having to fill out individual tasks telling it what to do, what about if the automation engine asked you questions so that it could work out what’s needed? Additionally, many organizations already have their own observations and recommendations – what if you could use Tanium Guide to program them in an easier way so that you could hand off tasks and focus on the bigger problems and opportunities?

Matt explained that while having Tanium already means you can benefit from using Tanium AEM – these next big steps are already in the works.

Make sure to register so you can watch these keynotes and other sessions from Converge on demand, available starting November 26.

---

Tanium’s statements regarding its plans, directions, and intent are subject to change without notice at Tanium’s sole discretion. Information regarding potential future products or functionality is intended to outline our general product direction and it should not be relied on in making a purchasing decision, nor is it incorporated into any contract. It is not a commitment, promise, or legal obligation. The development, release, and timing of any future products or functionality remain at our sole discretion.