Next Generation Software Fills Some Gaps – But Agencies Still Need Accelerated Visibility and Control of Endpoints

By Boyd White, Director, Technical Account Management, Tanium

Endpoint management is critical as agencies try to secure the knowns and unknowns in their IT environments. As cybercriminals become more sophisticated, IT teams need not only to mitigate known cyber breaches but also to gain faster visibility and control when cybercriminals adapt their techniques. The recent threat of compromised software at SolarWinds is a good example: agencies were forced to identify risks in record time and respond at speeds never before expected.

Traditionally, agencies have favored a myriad of compensating controls – mechanisms engineered to respond after a breach has occurred. This leads to tool sprawl – adopting too many one-off specialized solutions that complicate risk decision making. Too many tools negatively impact productivity, complicate management workflows, and dramatically inflate costs.

Too often, IT teams use compensating controls as a safety net, as they are easier to install and not nearly as complicated to manage as baseline controls – mechanisms put in place to protect information systems and endpoints before a threat occurs. Compensating controls should not be an agency’s primary defense. The efficacy rate of compensating controls dramatically decreases when it comes to blocking new threats.

These controls should be treated as the name describes, compensating for the rare occasion in which proper baseline controls around privileged access and code execution do not cover the threat. With compensating controls, IT teams will not know about a breach until it occurs – putting data and systems at risk, and creating more work to fix the issue after the fact.

Next generation software – antivirus, for example – is a type of compensating control designed to solve a specific problem. It was created to fill unprotected gaps in the network left by legacy antivirus software, and incorporates advanced technology to help agencies detect, respond to, and prevent various types of cyber threats in real time.

But do agencies need more next generation software, or are they just chasing diminishing returns? Think of it like the evolution of cars – we created the seatbelt, then we created the airbag. But we never got rid of the seatbelt. Next generation software is the airbag – and we don’t need more airbags. We need to know which cars are crashing and take them off the road – quickly. Agencies need to know where the gaps in their networks are so they can fill them. To do this, agencies need faster, real-time visibility and control of their endpoints.

As agencies strengthen preventive security with baseline controls, they should adopt a holistic risk management approach that uses accurate and real-time data to reduce risk and improve security.

Leveraging a single platform that integrates endpoint management and security unifies teams, effectively breaks down the data silos and closes the accountability, visibility, and resilience gaps that often exist between IT operations and security teams. Hackers can no longer hide in the long timelines that it takes for teams to coalesce and remove threats.

A truly unified endpoint management platform approach also gives agencies end-to-end visibility across divisions, end users, servers, and cloud endpoints – giving them the ability to identify assets, protect systems, detect threats, respond to attacks, and recover at scale.

As agencies consider the opportunity to modernize security, investing in modern, advanced, intelligent, and flexible technology and advanced intel to secure users, endpoints, and information will deliver the best return on investment and, most important, best serve the mission.


About the Author

Boyd White is the Director of Technical Account Management at Tanium. Boyd has spent 15+ years of his life dedicated to advancing the goals of information security in both the public and private sectors. In his spare time, he enjoys reading, tinkering with electronics, and playing video games. Boyd can be reached online on LinkedIn and at our company website.

