Tanium vs. CloudPassage: Cloud Security Showdown

Last updated by UpGuard on June 29, 2020

scroll down

Traditional IT security mechanisms are simply ineffective at protecting today's enterprise cloud and hybrid infrastructures against cyber attackers. For this reason, numerous upstarts have risen to the challenge with innovative approaches to implementing security in the data center and beyond. Two leaders in this category—Tanium and CloudPassage—utilize peer-to-peer and botnet-based technologies for quicker breach detection and remediation. Let' see how the two stack up in this comparison.

Table of contents


Tanium offers an endpoint security and management platform that combines natural language search with 15-second visibility and control, that is—threat detection and remediation within 15 seconds, regardless of infrastructure size or complexity. 

The Tanium dashboard
The Tanium dashboard. Source: Tanium.com.

As mentioned, the platform's natural language search feature is a major selling point of the solution. A prominent search box at the top of Tanium’s web-based management console accepts natural language queries for interrogation and discovery. For example, typing in the following would retrieve a list of all servers in the environment with OpenSSL 1.0.1:

“show all servers with a package called OpenSSL 1.0.1.”

The platform uses a peer-to-peer model for threat response and remediation. Once installed on the network, the Tanium server communicates with a few select endpoints on which agents are installed. These agent-installed endpoints in turn communicate with their adjacent peers and relay collective information to the next agent-installed endpoint down the line. The final agent-installed endpoint then sends the aggregated responses back to the Tanium server. Because of this peer-to-peer architecture and streamlined interrogation/communications flow, the platform is able to deliver significant performance and scalability benefits over competing security solutions.


CloudPassage was founded in 2010 with $21 million in VC funding; a year and some change later, the first production version of its Halo cloud firewall platform was released. The company prides itself as being the first to market for security products built for elastic cloud environments, though initially—its platform was solely *nix-based. The platform has since evolved to support both Windows and *nix-based cloud environments and now encompasses a broad range of security functionalities: regulatory compliance, file integrity monitoring (FIM), software vulnerability scanning, and intrusion detection, among others—along with its initial firewall automation capabilities.

The CloudPassage Halo dashboard

The CloudPassage Halo dashboard. Source: CloudPassage.

Side-By-Side Scoring: Tanium vs. CloudPassage

1. Capability Set

Tanium bets the bank on its natural language endpoint search and peer-to-peer-based 15-second visibility and control. CloudPassage Halo features a broad range of SaaS-based security features, including configuration security monitoring, software vulnerability assessment, dynamic/virtual firewall management, server access management, file integrity monitoring, and log-based intrusion detection, among others.

Capability Set
Tanium Tanium's capability set score 3/5
CloudPassage CloudPassage's capability set score 5/5


2. Ease Of Use

Tanium's web-based GUI is straightforward and the natural language search feature works as expected. That said, viewing/managing large datasets of node information for an environment (e.g., system statuses for nodes) can get unwieldy, even after filtering the result set. CloudPassage's GUI is well laid-out, but configuring the SaaS-only solution to work with one's infrastructure can be a challenge. In general, the Halo platform carries with it a steep learning curve and requires considerable time to gain proficiency with. 

Ease Of Use
Tanium Tanium's ease of use score 3/5
CloudPassage CloudPassage's ease of use score 3/5


3. Community Support

Tanium's knowledge base and community board are vendor-maintained and actively frequented/populated by its users.  CloudPassage's support site also contains a plethora of community-generated resources including a public Q&A system, tip sharing, and a public toolbox.

Community Support
Tanium Tanium's community support score 4/5
CloudPassage CloudPassage's community support score 5/5


4. Security and Surface Attack Probability

No documented vulnerabilities for either platform were found in the CVE database, though this Tanium security alert from back in June 2015 details an exploitable scripting vulnerability in the platform's sensors. 

Tanium Tanium's security score 4/5
CloudPassage CloudPassage's security score 5/5


5. Release Rate

Tanium—with just about half a decade under its belt—is currently at version 6.5 of its server platform. Launched around the same time period, CloudPassage is currently on version 3.4. Both products see regular monthly releases and updates to their platforms and components.

Release Rate
Tanium Tanium's release rate score 5/5
CloudPassage CloudPassage's release rate score 5/5


6. Pricing And Support

Both Tanium and CloudPassage are enterprise security solutions mostly suited for enterprise-level budgets. For example, Halo is utility-based/metered and priced per server hour. As a result, organizations with large infrastructures and continuous security monitoring requirements should expect hefty, unpredictable billing cycles. Tanium's pricing is not publicly available. Both vendors offer ample online and paid-for (phone and email) support.

Pricing and Support
Tanium Tanium's pricing and support score 3/5
CloudPassage CloudPassage's pricing and support score 3/5


7. API and Extensibility

CloudPassage Halo features a well-documented REST API that allows developers to access/integrate CloudPassage functionality with other applications. For example, common API methods enable firewall settings management, account management, and server information management. Similarly, Tanium also ships with REST, SOAP, and syslog APIs for connecting Tanium query results to other tools such as SIEM solutions and ticketing systems.

API and Extensibility
Tanium Tanium's API and extensibility score 5/5
CloudPassage CloudPassage's API and extensibility score 5/5 


Free eBooks on DevOps and Security


8. 3rd Party Integrations

Both vendors have made 3rd party integrations a crucial facet of their respective platforms. The Halo Event Connector provides direct integration with Splunk Enterprise and SumoLogic and integration through syslog to ArcSight and other tools. Integrations with cloud management and IT automation tools such as RightScale, Puppet, and Chef is also streamlined with Halo. Tanium's integration layer to its platform is called Tanium Connect, and can feed  immediate and current endpoint data to external/3rd-party systems like SIEMs, log analytics tools, ticketing systems, and more. It also provides a myriad of ready-to-use connectors for simplifying the configuration such 3rd party integrations.

3rd Party Integrations
Tanium Tanium's 3rd party integration score 5/5
CloudPassage CloudPassage's 3rd party integration score 5/5


9. Bug Bounty Program

Neither company has been known to run bug bounties for their own products, though CloudPassage recently ran a highly-publicized program called The Gauntlet to find out how quickly an unsecured server could get hacked.

Bug Bounty Programs
Tanium Tanium's bug bounty program score 0/5
CloudPassage CloudPassage's bug bounty program score 0/5


10.  Companies That Use It

Tanium counts Visa, Amazon, Best Buy, the U.S. Department of Defense and Nasdaq as some of its more high profile customers, though its client list now includes half of the 100 largest U.S. companies by revenue, with five of the top ten banks and four of the top ten retailers. Similarly, CloudPassage Halo also has some big-name adopters, including some of the world's leading banks and software companies (Citrix and RightScale are a couple notable names in the lot).

Companies That Use It
Tanium Tanium's companies that use it score 5/5
CloudPassage CloudPassage's companies that use it score 5/5 


11.  Platforms Supported

Tanium's application servers only support Windows (Windows 2012/Server 2008 R2 SP1 or later), though its client supports various Linux distros. CloudPassage supports both Windows and *nix-based systems to include Windows 2008 R1 and R2, RedHat Enterprise Linux, Fedora, CentOS, Debian, Ubuntu, and Amazon Linux, among others.

Platforms Supported
Tanium Tanium's platforms supported score 2/5
CloudPassage CloudPassage's platforms supported score 5/5


12.  Learning Curve

Both solutions require substantial effort to get up to speed in managing; that said, Tanium has clearly made efforts to build a platform usable by both operators/administrators and CIOs/CSOs. As mentioned previously, CloudPassage Halo's steep learning curve means that considerable time is required to gain proficiency with the platform.

Learning Curve
Tanium Tanium's learning curve score 4/5
CloudPassage CloudPassage's learning curve score 2/5


Scoreboard and Summary

The following is the scoreboard for Tanium vs. CloudPassage based on the 12 criteria listed above:

  Tanium CloudPassage
Capability Set  Tanium's capability set score 3/5 CloudPassage's capability set score 5/5
Ease Of Use  Tanium's ease of use score 3/5 CloudPassage's ease of use score 3/5
Community Support  Tanium's community support 4/5 CloudPassage's community support 5/5
Security  Tanium's security score 4/5 CloudPassage's security score 5/5
Release Rate  Tanium's release rate score 5/5 CloudPassage's release rate score 5/5
Pricing And Support  Tanium's pricing and support score 3/5 CloudPassage's pricing and support score 3/5
API and Extensibility  Tanium's API and extensibility score 5/5 CloudPassage's API and extensibility score 5/5
3rd Party Integrations Tanium's 3rd party integrations score 5/5 CloudPassage's 3rd party integrations score 5/5
Bug Bounty Program  Tanium's bug bounty program score 0/5 CloudPassage's bug bounty program score 0/5
Companies That Use It Tanium's companies that use it score 5/5 CloudPassage's companies that use it score 5/5
Platforms Supported Tanium's platforms supported score 2/5 CloudPassage's platforms supported score 5/5
Learning Curve Tanium's learning curve score 4/5 CloudPassage's learning curve score 2/5
Total 43 48
Average Score Tanium's average score 4/5 CloudPassage's average score 4/5

So for a SaaS-based approach to security that includes a broad range of features for firewall management/automation, regulatory compliance, FIM, vulnerability scanning, and IDS, go with CloudPassage's Halo. Tanium can be an effective solution for enterprises in need an additional layer for further smoothing attack surfaces; additionally, it may be an attractive option for organizations requiring a system easier to install and learn than Halo. And in either casefor continuous security monitoring and vulnerability assessment, UpGuard is the platform to beat. Try it today.


Book a free demo








Related posts

Learn more about the latest issues in cybersecurity