By Jack M. Germain
SBOM is an entirely new approach to addressing supply-chain vulnerabilities. It focuses on the software residing on individual assets to detect libraries and software packages with known vulnerabilities. Tanium’s process goes beyond basic scanning tools by examining the contents of individual files wherever they reside in the IT environment.
This method allows Tanium to take swift, appropriate action, such as conducting application patching and software updates, including killing a specific process or uninstalling affected applications. Tanium can find and remediate vulnerabilities like OpenSSL v3 today as well as new supply-chain vulnerabilities in the future.
“The Log4j vulnerability has opened eyes to the dangers of vulnerable open-source software,” said Jason Bloomberg, president of analyst firm Intellyx.
“The ability to harness endpoint data for diagnostic analysis of the software landscape is essential, as enterprises increasingly depend on many disparate applications. Tanium’s SBOM data allows security teams to manage a variety of applications with the confidence that they can identify and address vulnerabilities before they adversely impact the customer,” he explained.
