
Tanium has been updated with a capability for detecting libraries and software packages with known vulnerabilities within a software bill of materials (SBOM) manifest. Those findings can then be used to automate remediation of endpoints running vulnerable code.
The tool examines the contents of individual files wherever they reside in IT environments so that vulnerable components can be identified and treated.
Once those vulnerabilities are discovered, the Tanium Patch tool can be used to remediate them, or other Tanium management tools can be used to kill specific processes or uninstall applications.
Awareness of the need for SBOMs to secure software supply chains has increased sharply in the wake of a series of high-profile cybersecurity breaches.
It is unlikely that vulnerabilities can be eliminated from applications running in production environments, but it’s clear there is a need to be able to quickly identify issues based on the level of severity any vulnerability represents.
An SBOM is only the first step toward achieving the level of remediation automation that is required to address vulnerabilities discovered in applications after they have been deployed.
The real-time challenge is defining a set of end-to-end processes that make fixing all those vulnerabilities a much less arduous task for all concerned.