Introducing the Latest Release for Tanium Benchmark
Understanding your enterprise risk posture and the metrics that create it plays a pivotal role in safeguarding your organization's assets, ensuring operational continuity, and facilitating strategic decision making
The latest release for Tanium Benchmark delivers enhancements for risk scoring and improvements to provide greater clarity of your risk posture. The enhanced Benchmark capabilities are focused on the Benchmark category of Enterprise Risk and the Enterprise Risk Metrics to help your organization with:
- Informed decision making: Knowing the risk posture allows leadership to make informed decisions regarding strategy, investments, and operations.
- Compliance and regulations: Many industries are subject to strict regulatory requirements that mandate risk assessment and management.
- Operational resilience: Understanding risk posture helps in developing strategies to ensure operational continuity under various scenarios, including disasters and cyberattacks.
- Financial stability: Identifying and mitigating risks before they materialize can protect the enterprise from financial losses due to unforeseen events.
The following are the enhancements to Tanium Benchmark Enterprise Risk.
Tanium Risk Scoring 2.0
Tanium Benchmark provides organizations with a risk score they can use to understand their risk posture, identify areas for improvement, prioritize remediation and investigation activities on endpoints, and track their performance against their peers.
Tanium first launched the risk score in November 2021 as part of Tanium Risk, which later became Tanium Benchmark. Since then, the Benchmark team has had countless conversations with customers to learn what works, what they like, and what they would want to change or improve about the risk score. Additionally, Tanium has evolved over time, and new content and module data in the platform has become available that can enhance the risk score, specifically for system vulnerabilities. We are almost ready to release our latest risk score, and this blog post will give you a preview of what is to come.
Simplified scoring
With our Risk Score 2.0, we wanted to make sure the score was easy to understand, explain, and affect. We simplified the individual component calculation by using narrowly defined Benchmark metrics instead of the broader risk vectors. Using Tanium Benchmark metrics simplifies existing risk score calculation and allows Benchmark to improve and enhance risk scoring in the future with additional data from new metrics.
Vectors to metrics
We know that customers want a simple way to understand what a metric is tracking and how it can affect the results. To better accommodate this, we are now using risk metrics that measure one specific attribute, such as the percentage of endpoints with high-severity vulnerabilities. The following metrics contribute to the organization’s risk score:
- Critical Severity Vulnerabilities
- High Severity Vulnerabilities
- Compliance Failures
- Lateral Movement Risk
- Insecure TLS/SSL
- Expired Certificates
Removal of Password Identification metric from score
The Password Identification metrics, which counted for 10% of the Risk Score 1.0, will be removed from Risk Score 2.0. This metric only scored findings that were validated by a user in Tanium Reveal. After analyzing this metric, we learned that few users were manually validating Password Identification findings and that many customers were leveraging custom rules to identify password strings. Due to the low usage, it was removed from scoring.
CVSS v3.1
Since our initial risk scoring was released, Tanium Comply has transitioned from CVSS v2 to CVSS v3.1 as our default scoring system for new vulnerabilities. This allows us to replace our System Vulnerability risk vector with two new metrics: High Severity Vulnerabilities and Critical Severity Vulnerabilities, which both use CVSS 3.1. This provides better granularity for risk assessment and allows security teams to set different goals based on the severity of the vulnerability. As always, pivots to Tanium Comply and Tanium Patch are available for investigation and remediation.
Removal of compensating controls
Risk Score 1.0 included six risk vectors that negatively impacted the risk score and 14 compensating controls that positively impacted the score by up to 25%. Based on customer feedback, we decided to remove the concept of compensating controls from the new risk scoring implementation. Benchmark has transitioned most of the original Risk 1.0 compensating controls to Benchmark Metrics. This change allows customers to continue to monitor these controls as metrics, and now it’s possible to compare performance against those metrics and to industry peers.
Improved user experience
In addition to the scoring changes, the new scoring metrics will use the same drill-down page format as other Benchmark Metrics instead of the legacy risk vector pages to provide a unified look and feel. These new pages will include historical scoring, a grid of findings, and new and improved pivots to investigation and remediation options where applicable.
New dashboarding and reporting options
Benchmark’s new Risk Score 2.0 adds several new sources to Tanium’s Data Explorer, Reporting, and Dashboards capabilities. All the new risk scores and individual risk metric scores will be available in Data Explorer for creating new reports and dashboards or updating existing ones.
But what if I still need Risk Score 1.0?
Don’t worry! Risk Score 1.0 isn’t going away just yet. Once Risk Score 2.0 is available, users will see a toggle on the Benchmark homepage to determine which risk score is being displayed within Benchmark.
All customer environments will have Risk Score 2.0 as the default but can revert to displaying Risk Score 1.0 if necessary. Toggling between the two risk scores will also change the options in the left navigation menu, as Risk Score 1.0 has additional pages for risk health and compensating controls.
All the original risk score and risk vector reporting sources will continue to be active and available for use within Data Explorer, Reporting, and Dashboards when the new Risk Score 2.0 is released.
In summary, knowing your enterprise risk posture and the metrics that comprise it equips you with the knowledge to manage and mitigate risks proactively. Tanium Benchmark supports strategic planning, operational resilience, compliance, financial stability, and competitive advantage, making it an essential component of modern business management.