GoDaddy was unable to scope incidents quickly with their existing endpoint security tools and couldn’t trust they had a complete picture from their endpoints. Tanium helped their team automate ad hoc and indicator of compromise (IOC) searches, quickly implement blocked hashes and deploy patches at speed.
Tanium use cases
• Security Hygiene
• Endpoint Security
• IT Operations Management
• IT Asset Visibility
Challenges
• Timely response to security incidents
• Lack of visibility across endpoint security tools
• Malware removal
• Ability to address vulnerabilities quickly
• Visibility to isolate and remediate a network outage
Benefits to IT
• Reduced time to remediate IT outages
• Faster reaction time to detect and remediate malware instances
• Decreased the mean time to recover
• Ability to investigate an endpoint remotely in real time
• Overall increased IT administrative productivity
Jason White, Director of the Computer Security Incident Response Team (CSIRT) at GoDaddy, had a problem. His eight person team was adept at identifying threats and compromises of their systems, but they were unable to scope incidents quickly with their existing endpoint security tools and couldn’t trust they had a complete picture from all of their endpoints. As a mobile-first workforce where employees are provided laptops instead of desktops, GoDaddy had increased their risk of unwanted software entering their environment from home, affectionately called “Bring Your Own Malware.” “What keeps me up at night is the thought of not finding an intrusion before it becomes data exfiltration,” said White. After hearing about Tanium at a security practitioner conference, the team requested a demo and were impressed with the platform architecture and speed for scoping and remediating incidents. They began the procurement process soon after because he realized he could “know within seconds and minutes versus hours and days’ ‘ what was happening on his network.