An Integrated Workflow: Investigating and Remediating a Mass-Malware Infection

I recently had the opportunity to help a customer use Tanium to investigate and respond to an outbreak of the “Ponik” malware. Ponik is a downloader that can retrieve and install additional malware, as well as steal credentials, from an infected system. Though Ponik is an example of commodity mass-malware, it presented a good opportunity...

With Importance Comes Duty

Fortune Magazine recently named Tanium one of the 25 most important private companies of 2016, recognizing the most influential private enterprises for their “prodigious revenues or assets, their social currency, their deep connection to our daily lives and their disruptive impact.” It’s an honor to be included among such an impressive list of companies...

Hunting for Rogue PowerShell Profiles

During the earliest phases of an intrusion, attackers typically move to establish persistence on at least a subset of compromised systems. This might be to ensure that they can easily regain access to the victim environment, such as via a backdoor, or to keep other forms of malicious code running, such as a keystroke logger....

Government must be bold if they are to help businesses manage cyber-threats

A conversation is happening in the UK about business’ responsibility to its customers in the face of rising cybersecurity threats. Last week, consumer watchdog Which? called on the Government’s new fraud taskforce to ensure companies better protect their customers from cybercrime and to compensate them for breaches. The Government’s own Cyber Governance Health Check report...

What’s Old is New: Detecting Office Macro Malware with Tanium

Years of InfoSec experience will tell you that security threats are cyclical. What is old will become new and what is new will eventually become old. We’ve seen proof of this from the re-emergence of devastating distributed denial of service attacks, massive malvertising campaigns, and more recently, macro-based malware attacks. For example, several of the...

Our Design Journey

When I signed on as Chief of Design and User Experience, I was drawn to Tanium’s philosophy of customer-driven innovation, because it holistically aligns with the principles of user-centered design. I love working in industries that are early on the design curve. When I started as a UX Designer at Google Analytics, metrics were for...

Going Back to Basics to Prevent Ransomware Attacks

Ransomware attacks are now daily news as new malware families emerge with nearly the same frequency and enterprises increasingly become the targets. In fact, ransomware has become so pervasive that the US and Canada this month issued a joint cyber alert warning about the recent surge in attacks. Ransomware typically enters a network as a seemingly...

Back to the Basics: Detecting Malicious Windows Services with Tanium

“The theme I really want you to take away [from this presentation] is: if you really want to protect your network, you really have to know your network.” (TAO Chief, NSA, USENIX Enigma 2016)

An essential part of “knowing your network” is tracking endpoint persistence mechanisms – the myriad of ways in which an operating...

Cybersecurity Vulnerability by the Numbers

Our recent report with Nasdaq & Goldsmiths, University of London, surveyed 1,530 global executives to gauge corporate leaders’ understanding of their own cybersecurity vulnerability. The results revealed some alarming findings. Download the report here to learn how to close “The Accountability Gap”.