The Computer Weekly Developer Network team found itself ‘down south’ in Nashville, Tennessee this week for Tanium CONVERGE 2019.
Now in its fourth year, the event has gained some critical mass and this year is due to host close to 1000 attendees for the first time.
For those that would benefit from a reminder, Tanium provides insight and control into endpoints including laptops, servers, virtual machines, containers or elements of cloud infrastructure.
The technology can help IT security and operations teams ask questions about the state of every endpoint across the enterprise, retrieve data on their current and historical state and so manage and control areas of risk.
The event keynote kicked off with a welcome from Tanium co-founder and executive chairman David Hindawi.
Hindawi welcomed the cybersecurity and systems management crowd, who hailed from both the public and private sectors.
“A lot of what you will see [at this event, in terms of feature and product requests] comes in direct response to the advice you [the users] have been giving us over the last 12-months. We started Tanium on the belief that enterprises need to know what [endpoints] they’ve got in real time if they are going to be able to secure their networks,” said Hindawi.
The Tanium chief suggests that many customers are managing their technology estate of machines using what he called ‘last decade’ technology — and the advances we have seen over the last decade in terms of virtualisation and the cloud only compound the problem.
“We believe that security and operations have been silo’d for too long — how can you have security without patching? We aspire to deliver a platform that bridges security and operations that offers features that point solutions offer but in a connected way that is integrated in ways that point solutions do not offer,” said Hindawi.
In terms of design, Hindawi recounted a story when he spoke to his engineering development team and asked them what they thought was the easiest possible user interface available — the answer that came back was Google. It was because of this revelation that Hindawi drove a Google-like experience in the way Tanium was built for ease of use throughout every module it delivers.
Going forward, Hindawi says he wants to be able to draw and deliver the power of the Tanium system with what he called ‘minimal user intervention’. This will allow users to know what’s going on in their enterprise systems so that they become ‘truthsayers’ — but (and here’s the essential control element) the company will also deliver guardrails so that operations itself is not disrupted.
If there are as many as 51 silos in a typical enterprise IT environment, then Tanium has a big task in front of it. Hindawi asked the audience to pay attention to what the company is doing to manage cyber threats… and he openly asked the audience to feedback to the Tanium engineering team to tell the company what works, what other capabilities and functionalities are needed.
Hindawi is unusual in his honesty and approach. He openly urged every attendee to stop him during the event (well, as many as time permits) and tell him what they need in terms of IT operations management for security. He’s trying to get people to actually tell him how they think Tanium services should develop in the future. Obviously the company will continue to ‘push’ its platform forward as it sees best, but the invitation to ‘pull’ from real users is very real here.
Hindawi was followed by Joseph Blankenship in his position as VP & research director for security & risk at Forrester.
Blankenship suggests that there is a ‘strained relationship’ between the security and operations functions. Of course work itself has developed into a state of silos — and there are ‘wedge issues’ that are created as a result of the diversity of IT (and process) systems that are used… and there are differences in tools, departmental missions, data access… and there are silo issues as a result of internal politics.
These wedges increase enterprise operational risk. But Blankenship called for more unity and insisted that IT Ops and security should ‘never be a contact sport’ in real world enterprise environments.
According to a Forrester Tanium study conducted in advance of this conference itself: “IT leaders today face pressure from all sides … To cope with this pressure, many have invested in a number of point solutions. However, these solutions often operate in silos, straining organisational alignment and inhibiting the visibility and control needed to protect the environment.”
You can read the full Tanium Forrester IT Ops and security survey story here.