The integration marks the latest expansion in a relationship that includes Tanium’s membership in the Microsoft Intelligent Security Association (MISA) and its availability in the Microsoft Azure Marketplace.
Tanium said that by making its rich, real-time endpoint data accessible directly from the Sentinel console, the integration enables IT organisations to comprehensively detect, investigate, triage, prioritise and remediate threats automatically.
This aims to extend Sentinel’s advanced security and analytics capabilities, reduce the number of false positives that require disposition and allow security practitioners to better identify threats that might otherwise be missed.
The integration also enables active threat hunting. With Tanium’s real-time data taken directly from the endpoint, security practitioners can better contextualise and correlate alerts sourced from both Microsoft and Tanium with almost no delay across an entire IT environment, Tanium said.
Additionally, Tanium gives incident responders the ability to take immediate action on alerts as they happen including quarantining a device, deploying a patch, or updating software all from the Sentinel console. Customers benefit from proactive, predictive, automated management of their entire IT stack.
With real-time distributed architecture, Tanium can independently verify that all Microsoft services are deployed and up-to-date and validate that it is fully performant on every endpoint. If needed, customers can deploy a patch or quarantine a device in seconds to ensure they get the most from their Microsoft investments.
“We’re excited to continue to expand our relationship with Microsoft,” said Rob Jenks, SVP of corporate strategy at Tanium (pictured). “Already we work together to make Microsoft environments healthier and more secure by reducing risks for customers and protecting their investments in Azure, and soon we’ll be releasing a series of powerful integrations with Microsoft tools in addition to our Sentinel Integration.”