IT Brief Ireland - Technology news for CIOs & IT decision-makers
Ireland
Editorial it ops center ai assistant coordinating incident response security alerts
#
Hybrid Cloud
#
Digital Transformation
#
Cloud Security

Tanium adds AI tools across security & endpoint management

Tue, 24th Mar 2026
Author image
By Sofiah Nichole Salivio, News Editor

Tanium has introduced new artificial intelligence features for its IT and security platform, spanning security operations, exposure management and endpoint management.

The updates are intended to help customers manage growing numbers of threats, vulnerabilities and devices by using real-time endpoint data in day-to-day operations.

One of the main additions is a governance tool for AI software running across endpoints. Called Tanium Guardian Spotlight: AI Tools, it gives security teams visibility into AI applications, local large language models, model context protocol servers and AI model files on Windows, macOS and Linux systems.

The tool also flags risk indicators, including potentially misconfigured MCP servers, and sends notifications that take teams to a dashboard of affected endpoints for investigation and audit.

Another update expands Tanium AI within the company's security operations offering. The new functions, Enrichment and Analysis, add context to endpoint alerts and datasets using information from Tanium's platform and external sources, then summarise the results into key impacts and suggested actions.

This is designed to help analysts work through large volumes of signals and alerts by providing more structured information on incidents and possible responses.

ServiceNow link

Tanium also outlined an AI agent built into ServiceNow's Now Assist. The agent is intended to automate parts of incident investigation by analysing endpoint intelligence when a case is opened, then offering help desk operators suggested remediation options.

Administrators can use the interface to get answers and take actions such as rebooting a device or uninstalling software without conducting a separate manual investigation.

The latest release also includes changes to exposure management. The platform can now launch operating system and software patching workflows directly from the risk analysis and prioritisation interface, showing unscheduled remediation actions ranked by the risks they address.

The aim is to bring vulnerability discovery, prioritisation and remediation closer together in a single workflow, with pre-populated software updates compared against current update pipelines.

OT expansion

Alongside these updates, Tanium is extending endpoint management into operational technology environments. The expansion adds support for assets such as human-machine interfaces, programmable logic controllers and supervisory control and data acquisition systems.

By bringing those systems into the same platform used for mainstream IT assets, Tanium aims to give customers a broader view of managed devices and vulnerability data across industrial and corporate environments.

The launch comes as cybersecurity and IT management suppliers add AI functions to products that already monitor devices, software and security events. Vendors are increasingly trying to reduce manual work in tasks such as triage, investigation, patching and policy enforcement, while also addressing governance concerns around the use of AI tools inside organisations.

Research cited by Tanium from Omdia suggests that half of organisations are already using or piloting autonomous endpoint management, with most of the rest planning to do so.

Gabe Knuth, Principal Analyst, End-User Computing and User Protection at Omdia, said the broader market trend reflects the growing need to handle more devices and signals than teams can process manually.

"Tanium is making autonomous IT real at a time when IT and security teams are dealing with more devices, threats, vulnerabilities and signals than they can process manually," Knuth said.

He added that the same research points to rising adoption of autonomous endpoint management.

"The Growing Role of AI in Endpoint Management report by Omdia (Enterprise Strategies Group) shows half of organisations are already using or piloting autonomous endpoint management, with nearly all the rest planning to. What Tanium is doing, bringing security operations, exposure management and endpoint management together on one platform, gives those autonomous capabilities the context they need to work," he said.

Tanium positioned the release around using AI to connect security operations, exposure management and endpoint management on a single platform, with endpoint telemetry supporting investigation and remediation.

Harman Kaur, Senior Vice President of Technology Strategy and AI at Tanium, said the latest changes are focused on practical outcomes for security teams.

"At RSAC, Tanium is expanding what AI can deliver for security teams - turning real-time endpoint intelligence into governed, actionable outcomes at speed and scale. We are working diligently on additional advances in unifying context, surfacing what matters most and helping organisations close the remediation loop on the growing volume and complexity of vulnerabilities and threats," Kaur said.

Related stories
Protegrity launches AI Team Edition for secure inferencing
OpenAI launches Trusted Access for Cyber with major names
Anthropic launches Claude Opus 4.7 with stronger coding
Testlio launches AI chatbot testing service amid scrutiny
Dropbox launches three apps inside ChatGPT for work

Top stories

TestRail launches AI test script generation in beta
FIRST conference highlights AI & CVE disclosure push
OpenAI expands Codex with desktop & workflow tools
OpenAI launches GPT-Rosalind for life sciences research
Mirantis integrates NVIDIA Run:ai to speed AI deployment