What is Autonomous Endpoint Management?
Autonomous Endpoint Management is a framework designed to unify IT operations and security teams on a single platform through real-time control and visibility. It brings together pre-configured playbooks, seamless platform integrations, AI-driven insights, workflows, and remediation for a monumental leap in operational efficiency and risk mitigation.
With the ever-growing IT estate, resource constraints, and the increasing pace, frequency, and sophistication of cyber threats, the need for an autonomous platform that can automate common operational tasks and better identify threats and vulnerabilities becomes critical. Join Tanium to learn more about starting your journey to AEM.
Transcript
Shira Rubinoff:
Hi, this is Shira Rubinoff. I’m president of Cybersphere, a Futurum group company. We’re on the road with Six Five Media here at Broadcast Alley at RSA 2024, coming at you live. I’m here with Harman Kaur, vice president of AI at Tanium. Harman, what a pleasure to be with you here today.
Harman Kaur:
Thank you so much for having me.
Shira Rubinoff:
So Harman, could you please introduce yourself to our audience? Tell them a little bit about who you are, your background, and what you do for Tanium.
Harman Kaur:
Absolutely. So my name is Harman Kaur. I lead all things AI and automation for Tanium, which is a endpoint management company based here in Seattle, Washington. My background is actually in the military, so I’ve spent about a decade in the military in various different roles and seven years in Tanium, in field engineering, strategy roles, product roles, and now leading all things AI and automation.
Shira Rubinoff:
Well, that’s quite a background and thank you for your service to our country.
Harman Kaur:
Thank you so much. Thank you for your support.
Shira Rubinoff:
Thank you. So Harman, can you describe AEM and how it leverages AI to address the macro forces that continue to challenge IT and security operations?
Harman Kaur:
Yeah, I think a common thing we get asked today is, “I can’t hire the right skills at the right pace to address all the things that I want to address. So how do I automate processes?” And I think we’ve been hearing about automation for a long time. And with autonomous endpoint management with AEM, what we’re focused on is giving you intelligence to be deliberate about which things that you should automate. And what that means is we have access to so much data, we want to take that data and tell you, “Here’s automations that have the highest probability of having positive change in your environment,” and actually remediating vulnerabilities in real time.
Shira Rubinoff:
I think that’s so important. I think a lot of organizations are saying, “Automate it. Just automate it. I don’t have time for that. I don’t want to hire people, automate it.” And having that insight into understanding what you can automate, what you shouldn’t automate is integral for organization, both on the operational side but also on security. So that’s quite important.
Harman Kaur:
Yes, absolutely.
Shira Rubinoff:
And Tanium AEM scales IT operations and security execution with data-driven insights. Please talk to that point for a moment. We’d love to hear just your thoughts around that because I think that’s an important topic also that I know the organizations do struggle with.
Harman Kaur:
Yeah, absolutely. So organizations often talk about automating processes. One of the hesitation is that’s going to impact my entire enterprise all at once, and I don’t want that to happen, obviously, I want that change to go out in a responsible way. So part of our autonomous endpoint management strategy is rolling out changes through a ring progression. So what that means is we can dynamically first send a change out to a small percentage of your endpoints and monitor that change. And if it’s successful, then we progress to the next phase and the next and the next, before that change goes out to your entire enterprise. But Tanium also has the intelligence to stop anytime we realize, “Hey, this change is having a negative impact, right? It’s impacting users in a negative way.” Those changes will stop from impacting your enterprise.
Shira Rubinoff:
Well, that’s certainly another area that organizations struggle with. And there’s always that question, “Should we do this change? Should we not do this change? If we do it, what are the consequences of it?” And I think there’s a lot of time delay, which actually could yield to an attack, but also could delay the movement of an organization and understanding that even if you’re going down that road and it’s not right for you, you could pause. I think that adds massive value to organizations. So that’s great to hear.
Harman Kaur:
Yeah, absolutely. And you can define what those progressions are. You can say, “I care if 90% of my endpoints have succeeded.” Maybe there’s a change. You care 95% have succeeded before you go out into the next phase.
Shira Rubinoff:
Oh, that’s great.
Harman Kaur:
Yes.
Shira Rubinoff:
And also Tanium Automate is providing the AI that helps organization improve their operational health and cyber hygiene. So I talk a tremendous amount about cyber hygiene. I wrote a book about that, the human factors of it, the pieces and the parts that organizations need to look at, the people, the process and the technology. Have the best technology out there, have the greatest people there, but the glue in the middle is the process. And that would yield and talk about, we could talk about cyber hygiene at length. We’ll get to that another time, but can you talk to these points for a moment as well?
Harman Kaur:
Yeah, absolutely. I always think security is done a little backwards where we have all these tools that we invest in to I’m going to block an attack or here’s all these fancy tools with attack and occurs I can use this to collect this piece of data. But people forget the proactive side, which is a hygiene side, which you’re referring to. So how do you simplify that hygiene side because it is very laborious and it can be very, very hard and complex. So that’s what Tanium Automate solves for. It’s to simplify those workflows, help you automate as many of those workflows as possible. So if you have a workflow that’s very complex and it takes three people to do, you can build a simple playbook to say, “Here’s my 18 steps that need to occur for this workflow. And Tanium, Automate will do that for you.” Stop and check in at any point that you want to check in before it completes the rest of the work.
Shira Rubinoff:
So let’s break that down just to the minutiae level and just give an example about something that somebody might take for granted with an organization of what they could break down, what they could automate. Just something that everybody, really resonate with our audience here.
Harman Kaur:
So a really common one is license software, expensive software that’s out there that’s licensed, no one’s using it, that takes someone to go and figure out where it exists, who’s been using it, when was the last time it was used, should I uninstall it? Should I not uninstall it? You can just create a playbook to say, “Hey, Tanium, monitor for this license to see if it’s been used in the last 90 days. If it hasn’t, just double check it’s not been used right now. And go ahead and uninstall that and send a user notification to say, ‘Hey, we’ve removed this license. If you need it, you can go ahead and install it again.'” But you’re saving a lot of cost there, as well as keeping that piece of software updated all the time.
Shira Rubinoff:
That’s super important. And it’s almost automation at its simplest form, yet it’s so valuable to organizations when you think about it. Not just cost savings, but efficiency within the organization, not having to piggyback and think about what HR has to deal with, think about operations, think about security. It goes across the entire organization. That’s quite important. And we talk about Tanium’s real-time data access and act ability enables AI to provide automation to identify immediate issues happening in your customer’s threat landscape. So when we talk about that, that’s certainly something that every organization thinks about and even more so worries about.
Harman Kaur:
Yes, yes.
Shira Rubinoff:
How would you describe what you do there and what you do to help your customers?
Harman Kaur:
Yeah, absolutely. So we have Tanium Guardian. What Tanium Guardian does is any zero-day vulnerability that occurs. What we do is we send you a notification to say, “Here’s a zero-day vulnerability that’s currently out in the wild, and here’s your exposure to it.” Since we have that real-time data, we can actually go ahead and query your endpoints proactively for you and tell you what your exposure is. And then we can also give you a remediation path if one is available. So, “Here’s a remediation path on how we think you should address this.” And that is all automated into what we refer to as a simple smart action that you can go ahead and quickly deploy. And again, it’ll deploy in that responsible ring based approach where we’ll start testing it and propagating it throughout your environment. But you have that all in one place now. So going from a notification all the way to action.
Shira Rubinoff:
And again, in the security industry we talk about there’s no one size fits all, and certainly this is no one size fits all. What would you say to a customer who is saying, “You know what? We’re very different than everyone else out there. We really don’t need all the capabilities, but here are some specific ones we need. What would you do or what would you say to that customer themselves?
Harman Kaur:
Yeah, no, that’s a really good point. And that point is even more important with the adoption of AI, right? Every organization’s at a different place in adopting AI, which is why with autonomous endpoint management, we’re very careful in making sure we still keep a level of human control in there so that you can interact and stop or engage or edit or change anything that we recommend to you at any point to make sure it fits your organization’s need. And Tanium is also getting smarter and providing more context-based recommendations of what’s applicable to you and your environment
Shira Rubinoff:
At every given moment, or is that something they set up specifically for their needs?
Harman Kaur:
So over time, we’re sort of learning and kind of adopting our approach to say, here’s recommendations that are particular to your environment and what we’re assessing in your environment.
Shira Rubinoff:
Very interesting. It sounds like something that’s quite needed.
Harman Kaur:
Yes.
Shira Rubinoff:
We talk about Tanium cyber hygiene as we touched upon a moment before, and recommendations and automation are coupled with AI-powered confidence scores, a type of risk and impact assessments. The organizations can assess the benefits, the risks and impact before making a choice for the environment. So certainly just what we spoke about. But on a larger notice, or more, you expand on that. When they want to get to the nitty-gritty, and certainly when they’re making these choices and these decisions, they really need to make a calculated decision that’s best for their organization at that moment in time.
Harman Kaur:
Yeah, absolutely. So a confidence score gives you is we’re monitoring every single change that’s happening on an endpoint to seeing what type of performance impact it had. Was it successful? Was it failing? Or even what are users or operators saying about this change? Did they have a positive experience? And we’re calculating that into a confidence score that customers can then leverage to drive automation to say, “Here’s a change that has a really high confidence score because it doesn’t cause any performance impact. We want to automate this process so it can actually happen on its own because we have high confidence now.” And that data of our confidence score is data we’ve aggregated across hundreds of customers, millions of endpoints that are also making that change.
Shira Rubinoff:
Well, that’s super important. And again, making the right decision with confidence is the only way to do that.
Harman Kaur:
Yes, absolutely.
Shira Rubinoff:
Harman, thank you. And I always ask my interviewees for a cybersecurity tidbit or helpful hint or a business tip, whether it’s personal or an organization that they could give to the audience from their own personal use cases or their own personal experiments or whatever it is that they’ve encountered along their business journey or life journey that they’d like to share with the audience. So I know our audience would love to hear your business tip or cybersecurity helpful hint.
Harman Kaur:
Yeah, I think for me, I always talk about that cybersecurity is everyone’s problem in an organization. I think we sometimes often kind of say, “This is IT’s issue. IT needs to worry about that.” I think regardless if your role is you’re in HR or you’re a recruiter, whatever it is, I think everyone should be informed of cybersecurity to some extent in your organization. So they can be a great ally, they can help you with the cyber hygiene. When an update does go up, they’re more proactive to say, “I should apply that update, because there’s consequences if I don’t.”
Shira Rubinoff:
Listen, that’s very well said. That’s not just cyber hygiene, it’s cyber culture. And I think our audience would agree with you on that. Harman, thank you very much for your time and I know our audience really enjoyed hearing from you. And we are here off our Six Five Media, on the road with Six Five Media live on Broadcast Alley at RSA 2024.” Thank you for joining us, and we’ll be back soon.