Tanium Becomes the New Baseline Endpoint Security Solution for the JIE

November 14, 2017
Alexander Rossino
Advisory Research Analyst

The Defense Department’s Defense Innovation Unit-Experimental (DIUx) recently awarded a task order to World Wide Technology using an acquisition approach called “Other Transaction Authority,” or OTA. For those who haven’t heard of Other Transaction Authority, it is a rapid acquisition method that allows the DIUx to award contracts to “non-traditional” contractors (i.e., commercial companies that traditionally do not do business with the federal government) for technology prototype efforts. The goal of establishing OTA was to provide a procurement method that enabled the DOD to rapidly test and adopt potentially game-changing technologies.

OTA is subject to a series of rules and restrictions, which those interested can read about in the DIUX’s Commercial Solutions Opening How-to Guide, published in November 2016. Congress, however, changed the procurement authority of the DIUx in the FY 2016 National Defense Authorization Act to allow the award of production contracts following successful prototyping efforts. The $35M task order awarded to WWT for Tanium endpoint security and management services for Army Network Enterprise Technology Command was the first such award.

The WWT award will enable the Army to introduce Tanium endpoint protection into its networks, which it is slowly flattening into the Joint Information Environment (JIE). On this score the Army is following in the footsteps of the U.S. Air Force which has spent $857K on Tanium endpoint products since FY 2014; part of $11M in total spending on Tanium across the federal government since that year.

As FCW reported in January 2017 concerning the Air Force’s Tanium adoption, “another initiative in the works is the expansion of World Wide Technology's Tanium network defense system … to the Air Force’s secure network and support and mission systems.” Support for the Tanium-based WWT effort also came from Major General Chris Weggeman, Commander of the 24th Air Force and Commander, Air Force Cyber, before the Senate Subcommittee on Cybersecurity on May 23, 2017: “The Air Force Information Dominance Platform (AFIDP) … also employs the Automated Remediation and Asset Discovery (ARAD) capability suite. ARAD is an instantiation of the commercial Tanium product [that] achieved Initial Operational Capability on the Air Force Network in December 2016, installed on nearly 600,000 end-points with powerful results and exceeding all expectations. The intrinsic operational value and potential of ARAD was formally acknowledged by the Air Force CIO, Lieutenant General William Bender, who recently directed ARAD implementation across the Air Force network to include mission systems and enclaves.”

In other words, Tanium is rapidly becoming the endpoint protection standard being rolled out across the DOD. Army and the Air Force are the two military departments most heavily invested in the JIE. Navy and the Marines are expected to begin integration later this fiscal year so it should be only a matter of time before they too integrate Tanium into their IT ecosystems; and it’s all thanks to the DIUx and its new procurement authority that this is happening.