Root Cause Collaboration - Tanium Investigate - Tanium Tech Talks #125
Whether you are in IT operations or security, collaborating to close cases is a daily event. Tanium Investigate helps you get to root cause faster by collecting data points across endpoints, users, and teams.
Get to root cause faster
Reduce Mean-Time-To-Resolution (MTTR)
Correlate artifacts across endpoints and users
Reach endpoints anywhere in the world
Integrate with ServiceNow ticketing
Live process monitor (and kill processes)
Browse the file system and tail log files
Manage Windows services
Browse Windows Event Logs
Browse Windows Registry
Add data points from these other modules:
Performance
Patch
Deploy
Threat Response
Comply
Enforce
RESOURCES
Docs
https://help.tanium.com/bundle/ug_investigate_cloud/page/investigate/index.html
Investigate intro episode 73
https://www.youtube.com/watch
CHAPTERS
00:00 Intro
00:50 Meet Josh
02:10 What is Investigate?
03:07 Customer feedback
05:05 Supported modules
06:05 New data points
08:55 DEMO Single Endpoint View
10:05 DEMO Investigate tab
18:40 DEMO Adding data to an investigation
20:09 ServiceNow integration
21:25 DEMO Investigation view
21:46 DEMO Add annotation
24:00 DEMO User data
25:00 DEMO Remote Services & Processes
26:00 DEMO Remote Registry
28:30 DEMO Remote Event Log
37:05 DEMO Pivot to Performance
39:45 Wrap up & resources