Tanium SBOM

Tanium SBOM is a software bill of materials solution that provides visibility into software supply chain vulnerabilities across an organization's endpoints and applications. The tool identifies all runtime libraries, open-source freeware, and software packages within an environment. When a vulnerability is discovered, such as Log4j or OpenSSL, Tanium SBOM enables organizations to quickly identify every software application and endpoint where the vulnerable package exists. The solution provides real-time information about software packages and their versions across the entire environment. The tool supports granular decision-making by allowing organizations to make nuanced choices about their applications based on risk tolerance. It integrates with other Tanium modules, specifically requiring Asset Discovery and Inventory solution area modules for full functionality. Tanium SBOM tracks metrics including endpoints with critical or high software supply chain vulnerabilities, software usage coverage across endpoints, and the ability to find zero-day vulnerabilities like OpenSSL. The solution enables organizations to take remediation actions based on their specific needs and organizational requirements. The tool addresses the challenge of identifying which open-source software is used across all applications and provides the ability to assess and respond to supply chain threats quickly.