According to research from Booz Allen Hamilton, the average dwell time for APTs in the enterprise hovers between 200 and 250 days. The longer these threats go undetected, the farther they are able to spread, requiring additional investigation in order to successfully remediate. Even as the average dwell time drops across attack vectors, APTs continue to evade traditional defenses, compromising systems and data across an enterprise. Overall acceleration towards more distributed workforces and cloud computing increases the threat vector as more endpoints run outside of traditional network perimeters and defenses.
“With Tanium and Google Cloud, customers don’t have to make difficult tradeoffs between the quality, breadth, timeliness, or storage cost of their security telemetry,” said Sunil Potti, General Manager and Vice President of Cloud Security at Google Cloud. “Advanced persistent threats require a sophisticated approach to detection and response. That starts at the endpoint, where most compromise activities begin. With telemetry sourced from Tanium’s comprehensive endpoint security approach, customers have the data they need to detect and investigate post-compromise activity to accelerate remediation and prevent future intrusion.”
“The joint solution with Chronicle gives Tanium customers access to massively scalable analytics and investigation capabilities far beyond that of other endpoint detection and response point tools,” said Orion Hindawi, co-founder and co-CEO of Tanium. “This integration enables our customers to investigate APTs and other threats from the moment of detection back to the moment of compromise for comprehensive response and remediation.”
Through the integration between Chronicle security analytics and Tanium's unified endpoint security, joint customers can now:
Tanium and Google Cloud are also partnering to extend zero trust to the device edge through an integration between Tanium and Google’s BeyondCorp. Through the integration, Tanium will support the ability for customers to use endpoint identity, state, and compliance data for BeyondCorp Remote Access.
The two companies also plan to collaborate on improving ways organizations can manage and secure client endpoints like thin-client devices, cloud endpoints, or mobile operating systems. More details on this work will be available later this year.