Tanium AI Enrichment and Analysis: Tanium Tech Talks #162
Tired of decoding commands, searching unfamiliar processes, and guessing alert context? See how Tanium AI Enrichment & Analysis breaks down alert activity, explains risk, and guides response, without leaving your workflow.
Join us as we explore how Tanium Threat Response uses AI to:
🧠 Provide detailed context and security implications
🔓 Decode complex or encoded command lines
📌 Summarize alerts with key findings and context
🚀 Recommend next steps to accelerate investigation and response
Instead of pivoting between tools, analysts can stay in context and make faster, more confident decisions, whether they are junior analysts or seasoned incident responders.
#informationsecurity #informationtechnology #TaniumTechTalks
RESOURCES:
Docs: https://help.tanium.com/bundle/AlertEnrichAnalysis/page/ANN/AlertEnrichAnalysis/AlertEnrichAnalysis.htm
00:00 – Intro
00:25 – Meet Duncan
02:59 – AI Enrichment & Analysis overview
03:32 – Breaking down encoded PowerShell commands
05:26 – Alert summarization & context
07:05 – Key findings and anomaly detection
09:07 – Why enrichment matters for analysts
12:54 – Risk, impact assessment & recommendations
15:08 – AI access, licensing, and usage
16:21 – Hunting IOCs with AI assistance
17:53 – Enrichment in direct endpoint connections
19:36 – Real-time command analysis examples
21:22 – Key takeaway: “Look for the sparkles”
21:44 – Wrap-up