最近披露估值 01
9000 USD M [CV006] 尽调报告
Tanium
后期端点安全与运营平台,在企业和美国联邦市场覆盖深、粘性强
Tanium 仍是具规模且战略相关的端点安全平台,2024 年后的独角兽估值支撑也可信;但在把旧有 $9 billion 叙事视为真正稳固前,投资承销仍需要更新 ARR、利润率、留存和股权结构披露。
封面要素
公司概况
Tanium 是一家美国网络安全和端点管理公司,2007 年由 David Hindawi 和 Orion Hindawi 创立。平台覆盖实时端点可见性、补丁、风险与合规、事件响应,以及以 Atlas 和 Tanium Ask 包装的较新 AI 工作流层。公开客户证据最集中在超大型、强监管环境,包括 Fortune 100 公司、美国头部银行,以及多个美国联邦和军事组织。公开证据支持其收入或 ARR 规模约 $700 million,估值仍远高于 $1 billion 门槛,但由于当前增长、利润率、留存、烧钱速度和优先股堆叠披露稀少,入场承销仍受限制。
- 成立时间
- 2007-01-01
- 创始人
- David Hindawi, Orion Hindawi
- 创立地点
- Emeryville, CA, USA
- 总部
- Kirkland, WA, USA
- 产品
- 统一端点管理与安全平台,覆盖资产可见性、补丁和配置控制、风险与合规、事件响应、工作流自动化,以及较新的 AI 辅助运营模块。
- 客户
- 大型企业、强监管行业和美国联邦机构;它们的端点资产复杂,对实时可见性、修复和合规运营要求高。
- 商业模式
- 多模块端点软件,主要按端点销售,覆盖核心平台、端点管理、风险 / 合规和事件响应产品;支持混合云与本地部署路径,并配套渠道和公共部门采购支持。
- 阶段
- Series H / late-stage private
- 融资情况
- 最近一次披露的新股融资是 2020 年 6 月 $150 million 的 Series H 轮,投后估值 $9 billion;后续第三方资料仍将 Tanium 置于独角兽门槛之上,并通常引用约 $1.1 billion 至 $1.174 billion 的累计融资。
执行摘要
主要优势
- Tanium 在超大型企业和公共部门环境中适配度持久,Fortune 100 账户、美国大型银行和美国六大军种都给出公开证据。
- 平台仍靠实时端点可见性、深度修复工作流、混合部署支持,以及不断扩展的 AI 辅助运营模块形成差异化。
- 2024 年 5 月之后的多个信号,包括 Forbes 2025 年画像和 Yahoo/Forge 2026 年估计,都确认 Tanium 仍明显高于 $1 billion 私营公司估值门槛。
主要风险
- 核心承销输入仍未公开:当前 ARR、增长率、毛利率、净留存率、烧钱速度、现金跑道和优先权瀑布都没有公开披露。
- 公开估值信号大致横跨 $4.26 billion 到 $9 billion,入场价格纪律很关键;没有新的财务披露,旧有 $9 billion 框架显得偏高。
- 治理历史噪音、产品复杂度投诉,以及对大型企业和联邦采购流程的集中敞口,都可能在执行滑坡时放大下行。
未决问题
- 当前 ARR、收入增长、毛利率、自由现金流和净留存率没有公开披露,仍是清晰承销的最大障碍。
- 没有最新 409A 或要约数据,以及完整清算优先权堆叠,普通股价值无法锚定。
- 精确活跃客户数、续约队列和头部客户集中度仍未披露。
- 公开来源对当前员工数、累计融资额和主要总部标注存在冲突,仍需要管理层确认。
目录
01公司概况
1.1 身份、产品与覆盖范围
2026 年的 Tanium 把自己定位为「Autonomous IT」公司:一家私营平台厂商,靠实时端点遥测和 AI 驱动工作流,把端点管理、暴露面管理和安全运营串在一起。第三方资料和公司自有材料都指向 2007 年由 David 和 Orion Hindawi 创立,但 Tanium 的地理身份并不干净。公司当前地点页把 Washington 标为总部,SEC 搜索结果和 CB Insights 仍显示 Emeryville, California 的经营或邮寄地址,Wikipedia 也保留了较早的 Kirkland-Emeryville 双地表述。产品叙事比主数据更一致。Tanium Atlas 于 2026-05-05 推出,作为覆盖更广平台之上的新自主操作系统;Morningstar 转发的发布稿也重复了 Tanium 的说法,即平台现在捕捉超过 36 million 个端点的信号。客户证据强在名称而不是数量:Best Buy 和美国海军都有公开案例研究页面,公司也直接面向联邦机构营销。[CO001, CO002, CO003, CO004, CO005, CO006]
Tanium 的创始人、平台、联邦定位、客户和治理风险如何彼此连接。
[CO003, CO004, CO005, CO006, CO007, CO015]1.2 领导层、治理与关键人依赖
Tanium 的领导层叙事强在创始人延续,弱在当前状态的一致性。Dan Streetman 当前履历和 Yahoo Finance 私营公司资料都把他列为 CEO;2023 年 2 月的交接公告也明确说 Streetman 将出任 CEO,Orion Hindawi 转任执行董事长,David Hindawi 成为荣誉董事长。但 Orion Hindawi 自己的当前简介仍称其担任 CEO,在公司官网上制造了一个本可避免的治理数据不一致。无论哪个头衔才是规范说法,创始人影响力仍然重要:David 和 Orion 都留在高级治理职位,Mark Fields、Tim Millikin、Maggie Wilderotter 等投资人或独立董事在旁提供运营和资本市场经验。Marc Levine 当前 CFO 角色也很关键,因为 Tanium 仍是私营公司,指标披露稀少,下一次融资或流动性事件很可能高度依赖财务纪律和董事会一致性。[CO011, CO012, CO013, CO014, CO015, CO016]
| 人物 | 当前公开角色 | 背景 / 覆盖 | 关键人物依赖 |
|---|---|---|---|
| Dan Streetman | CEO(当前信号佐证更充分) | 2023 年被任命;当前简介和 Yahoo 在 CEO 角色上相互一致;任董事 | 高——当前外部资料中的标准运营领导者 |
| Orion Hindawi | 联合创始人;当前简介仍称 CEO | 产品架构师和长期经营者;2023 年过渡让他转任执行董事长,但简介似乎滞后 | 高——创始人影响力和头衔不一致都重要 |
| David Hindawi | 联合创始人;执行董事长 / 名誉董事长过渡历史 | 此前创办 BigFix;仍是战略连续性的核心 | 高——创始人治理连续性仍重要 |
| Mark Fields | 董事会成员 | Ford 前 CEO;2020 年加入董事会,当时 Tanium 正扩大到大型企业和 5G 时代复杂性 | 中——治理和外部可信度 |
| Tim Millikin | 董事会成员;TPG 合伙人 | 在董事会代表重要投资人视角 | 中——投资人对资本配置和退出的影响 |
| Maggie Wilderotter | 董事会成员 | 据 Tanium 简介,是资深 Fortune 500 和初创公司 CEO | 中——补充运营和董事会经验 |
| Marc Levine | 首席财务官 | 在仍是私营公司的背景下,负责财务职能和外部金融关系 | 中——财务尽调和融资准备度 |
覆盖重点放在创始人,以及尽调中最重要、记录最清楚的治理人物;留存来源中,Tanium 未发布一份干净完整的董事会名单。
[CO011, CO012, CO013, CO014, CO015, CO016]1.3 资本结构、估值与规模信号
Tanium 的融资历史比当前私募市场指标清楚。公司 2020 年 10 月宣布追加 $150 million 股票出售,Business Insider 报道称该轮在同年 6 月 Salesforce Ventures 较早投资之后把 Tanium 估到超过 $9 billion;同一报道将 Salesforce Ventures 那笔投资规模写为 $100 million。Tanium 在 2020 年称累计融资已超过 $900 million,而 CB Insights 现在估计累计融资更高,为 $1.174 billion,并把公司列为活跃老股交易标的。SEC 搜索结果还显示自 2009 年以来长期存在 Form D 轨迹,这与一家融资密集、周期很长的私营公司相吻合。当前规模信号方向上强,但不够干净,无法精确。Forbes 2025 年 9 月资料列出 2,000 名员工和 $9 billion 估值;Yahoo 的私营公司页面显示 1,001 名员工,并给出截至 2026-05-15 的 Forge 价格 $5.40;ZoomInfo 称员工数 1K-5K,收入估计 $378.1 million。审慎读法是:Tanium 规模大、成熟,也足够有流动性可以形成老股交易定价,但没有管理层材料,公开透明度不足以支撑当前指标的精确测算。[CO002, CO021, CO022, CO023, CO024, CO025]
| 指标 | 数值 / 状态 | 日期 / 锚点 | 置信度 | 缺口 / 注意事项 |
|---|---|---|---|---|
| 成立 | 2007 | 历史 | 高 | 创始人和日期得到多个第三方资料相互印证 |
| 阶段 | 后期私营;CB Insights 列为“二级市场 | 存续” | 2026-05-18 | 中 | 除私营公司状态外,公司未发布阶段标签 |
| 主要地点 | Washington 总部标签;Emeryville 业务 / 通信地址仍在其他来源被引用 | 2026-05-18 | 中 | 官方和第三方来源没有给出一个无争议的总部答案 |
| 当前运营 CEO 信号 | Dan Streetman 佐证更充分;Orion 简介仍称 CEO | 2026-05-18 | 中 | 当前公开领导层页面内部不一致 |
| 最近公开提及估值 | >$9B(2020 年 10 月融资);Forbes 2025 年 9 月仍列为 $9B | 2020-10 / 2025-09 | 中 | 留存来源未显示后续一级融资或经审计估值披露 |
| 累计融资 | >$900M(公司 2020 年披露);CB Insights 现估计为 $1.174B | 2020-10 / 2026-05-18 | 中 | 当前累计金额取决于第三方数据库方法 |
| 员工数 | 1,001(Yahoo)/ 2,000(Forbes)/ 1K-5K(ZoomInfo) | 2025-09 至 2026-05-15 | 低 | 公开员工数在留存来源间不一致 |
| 当前客户数 | 2026-05-18 | 低 | 有具名客户证据,但留存来源未找到精确客户数 | |
| 联邦状态 | Tanium Cloud for U.S. Government(TC-USG)获得 FedRAMP Moderate 授权 | 2023-11-14 | 高 | 除授权外的联邦触达说法仍来自公司表述 |
| 具名客户证明 | Best Buy;U.S. Navy;公司声称覆盖 Fortune 100 超过 50% 和美国武装部队 | 2023-02 至 2026-05-18 | 中 | 覆盖广度说法来自公司表述,未被独立逐一列举 |
| 端点遥测规模 | >36M 个全球端点 | 2026-05-05 | 高 | 规模说法来自公司的发布材料 |
| ARR / 收入运行率 | 2026-05-18 | 低 | 留存来源未披露公开 ARR 或收入运行率 | |
| 二级市场信号 | Forge 价格 $5.40 | 2026-05-15 | 中 | 二级价格不等同于一级轮估值 |
各行混合了公司披露、高信誉媒体、SEC 搜索结果和市场数据档案;null 表示留存公开披露缺失,而不是数值为零。
[CO001, CO002, CO008, CO009, CO010, CO021]| 利益相关方 | 角色 | 控制 / 经济重要性 | 公开证据 | 尽调问题 |
|---|---|---|---|---|
| David Hindawi | 联合创始人 / 高级治理人物 | 创始人影响力和历史控制连续性 | 当前简介及 2023 年过渡材料 | 确认当前持股、投票控制和正式头衔 |
| Orion Hindawi | 联合创始人 / 执行董事长到 CEO 冲突节点 | 创始人技术愿景和治理影响力 | 当前简介与 2023 年过渡公告冲突 | 确认标准头衔和董事会权力 |
| Dan Streetman | CEO 和董事会成员 | 当前战略和任何流动性路径的运营负责人 | 当前简介、Yahoo 档案、2023 年公告 | 确认激励一致性和继任计划 |
| Andreessen Horowitz | 历史风险投资人 | 早期规模化投资人;Tanium 长期股权结构的一部分 | 反向事件和融资报道中均被提及 | 确认当前持股以及任何董事会 / 观察员权利 |
| TPG / Tim Millikin | 投资人和董事会席位 | 有直接董事会可见性的重大经济利益 | Tim Millikin 简介及投资人报道 | 确认持股、保护性条款和退出预期 |
| Salesforce Ventures | 战略投资人 / 生态伙伴 | 2020 年融资和工作流合作中的战略信号 | 2020 年 6 月合作及 2020 年 10 月融资报道 | 确认战略投资是否附带商业承诺 |
| Fidelity / Baillie Gifford / T. Rowe Price(投资者) | 跨阶段投资人群体 | 引入公开市场风格资本和治理预期 | 2020 年 10 月融资报道 | 确认二级交易后是否仍有任何机构是活跃持有人 |
这张图反映公开可见的利益相关方,而不是完整股权结构表;具体持股比例和按比例增购权仍属私有信息。
[CO012, CO020, CO021, CO023, CO024, CO025]公开可观察的规模、资本和合规指标,以及主要不确定领域。
估值、累计融资和员工数结合了公司披露与第三方市场数据画像,不应视为经审计数据。
[CO022, CO023, CO024, CO025, CO029, CO030]1.4 里程碑、联邦姿态与负面历史
Tanium 的里程碑记录把持久产品相关性和真实治理、声誉伤痕混在一起。公司在 2020 年融资时搭配 Salesforce 合作,2020 年 9 月把前 Ford CEO Mark Fields 加入董事会,并在 2023 年 2 月完成 Streetman 的 CEO 交接。2023 年 11 月,Tanium Cloud for U.S. Government 获得 FedRAMP Moderate 授权,联邦姿态明显增强;Business Wire 发布稿还称其支持美国国防部五个军种、民用机构和超过 70% 的 Fortune 100。2026 年 5 月,Tanium 借 ServiceNow Knowledge 发布联合 Autonomous IT 方案,随后推出 Tanium Atlas 作为旗舰 AI 操作层。这些正面因素旁边,是尽调仍不能忽视的旧负面历史。Bloomberg 联合发布的 2017 年报道称,Tanium 未经许可在现场演示中使用 El Camino Hospital 网络;另一篇联合报道指称 Orion Hindawi 任内存在员工归属期前解雇,Tanium 否认该说法。更近期,第九巡回法院在 2024 年恢复了一起员工股票价值虚假陈述案,说明治理和股权处理审视并未消失。[CO012, CO016, CO034, CO035, CO036, CO037]
| 日期 | 事件 | 类型 | 金额 / 估值 / 状态 | 参与方 | 含义 |
|---|---|---|---|---|---|
| 2007 | Tanium 成立 | 创立 | 由 David 和 Orion Hindawi 创立 | David Hindawi;Orion Hindawi | 公司的起点和持续创始人影响力 |
| 2017-04 | El Camino Hospital 演示争议公开 | 反向 | 据报道未经许可使用客户环境 | Orion Hindawi;El Camino Hospital;Bloomberg 转发媒体 | 形成持久的治理和信任悬置 |
| 2017-04 | 归属前解雇指控被报道 | 反向 | 文化和股权处理指控;公司否认 | 前员工;Orion Hindawi;Bloomberg 转发媒体 | 引发治理和招聘风险问题 |
| 2020-06-25 | 宣布 Salesforce 合作 | 合作 | 战略工作流合作 | Tanium;Salesforce | 在重大融资前拓宽企业工作流生态 |
| 2020-09-02 | Mark Fields 加入 Tanium 董事会 | 治理 | Ford 前 CEO 加入董事会 | Tanium;Mark Fields | 在后续融资前强化董事会画像 |
| 2020-10-05 | 宣布 $150M 普通股融资 | 融资 | $150M;外部报道估值 >$9B | Tanium;Fidelity;Baillie Gifford;T. Rowe Price 等 | 确认大规模私募市场支持 |
| 2023-02-01 | Dan Streetman 被任命为 CEO | 治理 | Orion 转任执行董事长;David 转任名誉董事长 | Tanium 领导层 | 完成从创始人 CEO 到职业经营者的正式领导层交接 |
| 2023-11-14 | TC-USG 获得 FedRAMP Moderate 授权 | 监管 | Moderate 授权 | Tanium;美国联邦客户 | 强化联邦云资格和合规可信度 |
| 2026-05-05 | Tanium Atlas 发布 | 产品 | 自主操作系统;>36M 端点说法 | Tanium | 标志 AI 驱动产品叙事转向和规模主张 |
| 2026-05-06 | ServiceNow 自主 IT 解决方案发布 | 合作 | CMDB、工作流和 AI 智能体集成 | Tanium;ServiceNow | 把平台分发延伸到既有企业 IT 工作流 |
| 2024-08-30 | Howard v. Tanium 在上诉中恢复 | 反向 | 第九巡回法院推翻简易判决 | Daniel Howard;Tanium | 表明股权价值和治理审查仍在进行 |
这条时间线强调尽调最相关的公开可见拐点;私有产品发布、内部重组和未披露融资可能缺失。
[CO001, CO012, CO016, CO021, CO023, CO036]从创立到 2026 年产品与合作伙伴发布的关键拐点。
时间线强调公开拐点,而不是每一笔融资或每次产品发布,因此是选择性年表,不是完整公司账本。
[CO001, CO012, CO016, CO021, CO022, CO036]02市场分析
2.1 市场边界与纳入支出
不应把 Tanium 分析成纯移动设备管理厂商,也不应把它看作纯端点防护厂商。Tanium 自有平台、端点管理、暴露面管理和自主端点管理材料描述的是一个统一控制平面:把端点管理、资产发现与盘点、漏洞优先级排序、修复和工作流自动化合在一起。因此,最可辩护的市场边界从企业端点控制和资产可见性起步,再延伸到暴露面管理,因为同一套端点遥测被用来给风险打分并完成修复。Tanium 的 ServiceNow 集成强化了这个边界;该集成明确把端点数据接入 CMDB 和工作流自动化。Carahsoft 的公共部门打包也强化了这一点,它把资产盘点、端点管理、事件响应和暴露面管理作为一套政府控制栈来呈现。主要排除的支出桶包括纯 MDM 或 MAM 部署、仅面向网络的零信任工具,以及买方并不打算整合控制和修复时的独立端点防护套件。在端点管理侧,Microsoft Intune 仍是最清楚的现状替代品;EPP 和漏洞管理既有厂商则掌握相邻预算,Tanium 正试图把这些预算压进更宽的自主运营叙事。[CM001, CM002, CM003, CM004, CM005, CM006]
| 细分市场 / 类别 | 纳入支出 | 排除支出 | 买方 / 付款方 | 相关性 |
|---|---|---|---|---|
| 企业端点管理 / UEM | 端点配置、软件部署、补丁、合规报告、端点分析、设备策略编排 | 纯移动端 MDM/MAM,或没有更广控制平面的 BYOD 应用容器 | CIO、端点运营、EUC;中央 IT 预算 | Tanium 与 Microsoft Intune 和其他端点套件竞争的核心控制平面市场 |
| 资产发现和盘点 | 实时端点清单、资产感知、软件和硬件可见性、支撑 CMDB 的遥测 | 没有实时端点遥测的仅 CMDB 静态记录系统 | IT 运营、基础设施、配置管理负责人 | 对 Tanium 至关重要,因为盘点质量决定控制、合规和修复准确性 |
| 暴露 / 漏洞管理 | 持续漏洞监控、优先级排序、可利用性上下文、修复编排 | 没有运营工作流或端点动作层的独立扫描 | CISO、漏洞管理、风险与合规预算 | 快速增长的相邻预算,Tanium 可用同一端点数据平面切入 |
| 工作流自动化 / 自主运营 | 与 ServiceNow 连接的修复、策略工作流、AI 辅助运营动作、跨团队编排 | 没有端点执行的 ITSM 工单,或没有资产上下文的孤立 RPA | ITSM 负责人、CIO 办公室、平台工程 | 重要扩张层,因为 Tanium 正定位自主运营,而不只是可见性 |
| 公共部门网络卫生 / 零信任项目 | 机构零信任迁移、网络卫生扫描、漏洞减少、受监管端点控制 | 仅网络的零信任、只做咨询的项目、一次性合规咨询 | 联邦、州 / 地方、教育、国防采购和现代化预算 | 可信的可服务切入口,因为 Tanium 已在推广面向政府的专用打包方案和就绪能力 |
| 独立替代品和排除类别 | N/A | 当买方不整合控制和修复时,纯 EDR/XDR、仅网络零信任、单点 MDM 或孤立端点保护 | 已被既有厂商满足的安全或 IT 预算项目 | 这些是真实替代品,但除非发生整合,否则不应计入 Tanium 纳入的 TAM |
边界有意按“融合”来划分:表中纳入 Tanium 明确通过端点遥测和工作流连接的预算,排除不共享同一控制 / 修复逻辑的相邻安全或管理支出。
[CM001, CM002, CM003, CM004, CM005, CM006]2.2 多口径市场规模测算
公开市场数据无法支撑一个单一的 Tanium TAM 数字。仅统一端点管理,分析师基线就从 Mordor Intelligence 的 2026 年 $8.85B 市场,到 The Business Research Company 的 2026 年 $22.75B 市场;Technavio 则把同一品类表述为 2026 至 2030 年新增收入 $11.365B,Grand View 的较早序列又从小得多的 2022 年基数起步。相邻品类同样庞大:Fortune Business Insights 把 2026 年端点防护定为 $21.64B、暴露面管理定为 $5.08B、攻击面管理定为 $1.25B;TBRC 把 2026 年安全与漏洞管理定为 $15.93B。这些口径不能简单相加,因为同一个企业账户可能用一个平台预算购买相互重叠的控制、盘点和修复能力。更受证据约束的可服务切口,是 UEM 中偏大型企业的部分:把 Mordor 的 71.62% 大型企业占比套到其 2026 年 UEM 基线,可得到约 $6.34B 的底部;同样逻辑套到 TBRC 的 2026 年 UEM 基线,则给出约 $16.29B 的高情景上限。即便如此,公开资料仍没有干净的 SOM,因为 Tanium 不披露分产品线收入或份额。[CM007, CM008, CM009, CM010, CM011, CM012]
| 发布方 | 年份 | 地理范围 | 数值 | CAGR | 方法 / 视角 | 置信度 | 局限 |
|---|---|---|---|---|---|---|---|
| Mordor Intelligence | 2026 | 全球 | 2026 年 UEM $8.85B;到 2031 年 $27.83B | 25.74% | 统一端点管理市场基线;包括厂商格局和细分份额 | 高 | UEM 类别较宽;非 Tanium 专属,可能仍包含以移动为中心的管理支出 |
| Grand View Research | 2022 / 2030 | 全球 | 2022 年 UEM $4.48B;到 2030 年 $21.79B | 22.4% | UEM 历史至预测序列,按垂直行业和组织规模拆分 | 中 | 基准年份较旧;不能与仅 2026 年序列直接比较 |
| The Business Research Company | 2026 | 全球 | 2026 年 UEM $22.75B;到 2030 年 $70.42B | 32.7% | 广义商业 UEM 预测,强调零信任和集中控制 | 中 | 基线远高于 Mordor;类别边界可能更宽 |
| Technavio | 2026-2030 | 全球 | UEM 2026 至 2030 年新增 $11.365B | 10.4% | 以增量增长表述,而非单一市场起始值 | 中 | 若无额外假设,无法直接换算为 2026 年市场基数 |
| Fortune Business Insights | 2026 | 全球 | 2026 年端点保护平台 $21.64B | 10.9%,至 2034 年 | 经典端点安全预算的替代市场视角 | 中 | 衡量相邻端点保护,而不是 Tanium 式融合 |
| Fortune Business Insights | 2026 | 全球 | 2026 年暴露管理 $5.08B | 23.21% 至 2034 年 | 漏洞 / 暴露优先级预算的相邻增长参照 | 中 | 可能与 SVM 和控制平台预算重叠 |
| The Business Research Company | 2026 | 全球 | 安全和漏洞管理 2026 年 $15.93B | 10.3% 至 2030 年 | 漏洞管理支出的相邻降风险参照 | 中 | 口径宽于 Tanium,因为纳入了端点控制之外的安全漏洞工具 |
| Fortune Business Insights | 2026 | 全球 | 攻击面管理 2026 年 $1.25B | 21.03% 至 2034 年 | 外部暴露发现相邻赛道 | 中 | 窄于 Tanium 核心;可作增长率信号,不能当完整 TAM |
本表保留公开口径之间的冲突,不强行拼出虚假共识。可服务市场测算应靠重叠口径和排除项校准,而不是把所有类别相加。
[CM007, CM008, CM009, CM010, CM011, CM012]分层测算使用相互重叠的市场视角,而不是单一膨胀的网络安全 TAM。
企业权重底部是用 Mordor 公布的大企业占比推导的估算;没有尝试把重叠的 UEM 和暴露面市场相加。
[CM011, CM016, CM017, CM018, CM019, CM039]公开 2026 市场数字因品类和发布方不同而差异很大,图表保留这种离散度,而不是把它藏起来。
中点只是便于阅读的简单算术锚点,不是独立发布方估算。所有数值均为十亿美元。
[CM007, CM008, CM012, CM013, CM014, CM015]2.3 买方、预算与采用路径
Tanium 周围的采购委员会天然跨职能,因为平台横跨多条既有预算线。在商业账户中,CIO 和端点运营团队通常掌握设备管理、软件部署和合规报告;CISO 和漏洞管理团队则掌握暴露面优先级、威胁降低和政策风险。Microsoft Intune 自己的产品定义解释了为什么它是基线比较对象:端点管理、自动化策略部署、合规、分析和自动补丁已经存在于许多企业的云控制平面里。因此,Tanium 的差异化主张在需要更广遥测、更高保真资产盘点、更深修复工作流,或接入 ServiceNow 等运营系统的组织里最强。公共部门和强监管买方是尤其相关的楔子,因为公开证据已经把 Tanium 与州和地方机构、教育机构、联邦民用机构、美国军方及盟国政府客户连在一起。医疗也是可信需求口袋,因为 UEM 市场数据和 HIPAA 指引都指向设备盘点、补丁纪律和合规报告具备关键任务属性的场景增长更快。实践中,采用通常从一个控制问题开始,但扩张取决于 Tanium 能否把 IT 运营、安全、工作流负责人和采购统一到一套整合逻辑下。[CM019, CM021, CM022, CM023, CM026, CM030]
| 细分市场 | 买方 | 用户 | 付款方 | 工作流 | 预算负责人 | 采用触发点 |
|---|---|---|---|---|---|---|
| 大型企业端点运维 | CIO、IT 副总裁、端点或 EUC 负责人 | 端点工程、办公场所运维、服务台 | 中央 IT 运维预算 | 跨异构设备打补丁、部署、配置并执行合规 | CIO / 基础设施预算负责人 | 工具蔓延、云迁移、Windows/macOS/Linux 统一、服务台效率 |
| 安全和漏洞管理团队 | CISO、漏洞管理负责人、网络风险负责人 | 漏洞分析师、安全工程、修复经理 | 安全运营 / 网络风险预算 | 给漏洞排优先级、降低暴露、协调修复 | CISO / 安全预算负责人 | KEV 压力、审计发现、勒索软件风险、基于可利用性的优先级排序 |
| 跨职能自主运维项目 | CIO 办公室,以及 ITSM / ServiceNow 负责人 | 平台工程、IT 运维、工作流团队 | 转型或自动化预算 | 把端点数据接入 CMDB、工作流、修复和 AI 辅助动作 | CIO / 平台共享预算 | 需要减少手工工单,并统一数据 / 动作闭环 |
| 联邦文职和国防机构 | 机构 CIO/CISO、现代化办公室、采购主管部门 | 端点团队、SOC、合规和任务 IT 人员 | 网络现代化、零信任和项目预算 | 资产可见性、零信任、漏洞削减、策略执行 | 机构项目主管 / 采购办公室 | OMB 零信任要求、网络卫生参与、FedRAMP 就绪度 |
| 州、地方和教育买方 | 州 / 地方 CIO、教育 IT 负责人、采购 | IT 管理员、安全团队、数字服务人员 | 公共部门 IT 和网络预算 | 端点控制、资产盘点、合规和事件准备 | 机构或院校 IT 领导层 | 运营韧性、拨款资助的现代化、人手短缺 |
| 医疗健康和受监管关键基础设施 | CIO、CISO、合规负责人 | 临床 IT、安全运营、基础设施团队 | 安全、IT 和合规预算 | 资产盘点、补丁、设备可见性、风险管理报告 | CIO / 合规 / 安全共同负责 | HIPAA Security Rule 压力、审计响应、正常运行时间和安全要求 |
这张地图看购买中心,而不是终端用户。Tanium 最强的楔子出现在 CIO、CISO 和工作流负责人都需要同一套企业级端点与暴露数据时。
[CM019, CM021, CM022, CM023, CM026, CM030]Tanium 交易通常连接端点、安全、工作流和采购利益相关方,而不是单一预算负责人。
这是关系图,不是漏斗;它突出保留来源所暗示的多方采购委员会。
[CM021, CM023, CM033, CM034, CM035, CM039]2.4 增长驱动与采用约束
Tanium 相关市场最强的增长驱动来自强制要求,而不是自由裁量支出。零信任采用已通过 OMB M-22-09 嵌入联邦政策,并通过 CISA 成熟度模型落地,这让设备、资产和策略控制持续留在有预算支持的路线图上。CISA 的 Cyber Hygiene 服务和 KEV 目录把漏洞发现与优先级排序变成政府和关键基础设施利益相关方的运营要求;HHS 指引和拟议的 HIPAA Security Rule 则提高了书面技术资产清单和医疗风险管理的合规价值。Verizon 2026 DBIR 也强化了预算理由:持续的入侵活动仍与人为错误和软件漏洞相连,补丁和暴露面降低因此继续占据议程高位。市场结构也帮助 Tanium:云交付正在成为 UEM 默认运营模式,服务增长很快,因为买方需要集成和运营帮助。主要约束是品类膨胀和预算重叠。分析师基线差异很大,因此头部 TAM 容易夸大近期可服务机会;同一家企业可能已经通过 Microsoft、端点防护厂商或 ITSM 工具拥有部分工作流。这使预算归属和打包纪律与原始市场增长同样重要。[CM020, CM021, CM024, CM025, CM026, CM027]
| 驱动因素 / 约束 | 方向 | 时间 | 影响 | 尽调问题 |
|---|---|---|---|---|
| 联邦零信任项目(OMB + CISA) | 驱动 | 当前 / 多年期 | 让资产、设备和控制项目继续留在有预算的公共部门路线图上 | 索取联邦管线结构、交易阶段,以及按机构划分的续约率 |
| 网络卫生与 KEV 驱动的漏洞优先级排序 | 驱动 | 当前 / 持续 | 验证“盘点 + 修复”工作流,以及更快的补丁优先级排序 | 询问实际部署中 Tanium 数据多常映射到 KEV 或类似可利用性框架 |
| HIPAA 与受监管行业的资产盘点压力 | 驱动 | 当前 / 近期 | 抬高医疗健康场景里端点可见性、资产图谱和风险管理的合规价值 | 索取与合规用例绑定的医疗客户背书,而不只是安全结果 |
| 云交付控制平面与服务占比较高的实施 | 驱动 | 当前 / 结构性 | 利好能统一管理、分析和修复,同时提供运营支持的平台 | 按部署类型衡量服务附加率、伙伴使用率和价值达成时间 |
| 既有 Microsoft 捆绑包 | 约束 | 当前 / 结构性 | 主流企业已有基础云端点栈,替换门槛被抬高 | 量化已安装 Intune 账户中的胜率,并找出能撬动替换的模块 |
| UEM、EPP、SVM 和 ITSM 之间的品类混淆 | 约束 | 当前 | 没有单一预算科目清楚承接整个平台叙事,交易归属可能变慢 | 询问多模块交易里哪类高管会成为稳定的经济买方 |
| 分析师 TAM 基线膨胀或不一致 | 约束 | 当前 | 若尽调不做排除、直接采用最高公开市场数,估值上行会被夸大 | 用已披露的细分结构、端点数量和当前模块附加率,与管理层重建 TAM |
| 未披露的公开 SOM 与产品线收入结构 | 约束 | 当前 | 公开份额难以精确分析,自下而上校准估值也更难 | 索取模块收入、暴露管理附加率、公共部门占比,以及按买方细分的留存 |
授权要求、网络卫生和工作流整合重叠时,驱动力最强。尽调的核心难点,是把宽泛的市场收敛转成明确预算负责人和可衡量的 Tanium 份额假设。
[CM020, CM021, CM023, CM026, CM027, CM028]合规要求和网络卫生计划形成一条需求链:从资产可视性走向修复和运营自动化。
该流程为定性判断,并有证据支撑;它概括了标准、网络卫生计划和工作流集成来源所暗示的推进顺序。
[CM026, CM027, CM028, CM029, CM030, CM031]03竞争格局
3.1 竞争格局概览
Tanium 所销售进入的端点管理市场已经越过经典 UEM 阶段。独立市场评论把 2026 年采购描述为两类平台之间的选择:一类提供实时可见性、AI 驱动自动化、漏洞管理和安全运营集成;另一类围绕定时扫描和更窄的设备管理工作流构建,工具更轻。在这次迁移中,Tanium 位于市场的企业端:它向 IT 和安全团队营销一套 Autonomous IT 平台,评论和分析师来源也反复把实时数据模型描述为它赢下复杂、大规模端点场景的原因。 因此,Tanium 不是在一条战线上竞争,而是在三条战线上竞争。第一类是 Microsoft Intune、Ivanti Neurons、HCL BigFix 和 Workspace ONE 等直接端点与 UEM 对手,它们都争夺同一个控制平面预算。第二类是 NinjaOne、Automox 和 Atera 等云原生挑战者,强调更快上线、更低摩擦和更透明打包。第三类是 CrowdStrike、SentinelOne 和 Qualys 等安全优先的相邻厂商,它们通过暴露面管理、基于风险的补丁和统一修复工作流,与 Tanium 越来越重叠。最重要的结果是:Tanium 不再只被拿来和另一款端点工具比较;买方会用套件经济性、部署简单度,以及一个平台是否可信替代多个点工具来衡量它。[CP001, CP002, CP003, CP004, CP037, CP042]
| 竞争对手 | 类别 | 规模 / 市场信号 | 目标细分 | 关键差异化 | 相比 Tanium 的主要短板 |
|---|---|---|---|---|---|
| Microsoft Intune | 捆绑式 UEM / MDM | PeerSpot UEM #1;22.3% 心智份额 | 以 Microsoft 为标准栈的企业、公共部门 | 公开价格低、Microsoft 365 捆绑、云原生部署 | 实时查询与修复深度弱于 Tanium |
| Ivanti Neurons | 企业 UEM / IT 运维 | 已建立联邦和医疗健康足迹 | 需要混合交付的大型混合设备环境 | 实时发现、自修复、混合部署、广泛设备支持 | 超大规模下,类似 Tanium 的控制平面深度证据较少 |
| HCL BigFix | 企业端点管理老牌厂商 | 155M+ 端点;120+ OS;声称 >98% 首次补丁成功率 | 大型受监管、分布式或隔离网络环境 | 补丁规模、OS 广度、实时修复、企业适配 | 云原生简洁性和捆绑经济性不如 Intune 或 Automox |
| Workspace ONE | 广泛企业 UEM 套件 | 广泛部署的混合设备企业平台 | 全球混合设备环境、公共部门、受监管行业 | 多租户、低接触注册、强应用和策略生命周期控制 | Broadcom 之后商业不确定性,以及支持 / 授权问题 |
| NinjaOne | 云原生统一 IT 运维 | 35,000+ 客户,覆盖 140+ 国家 / 地区 | 中端市场 IT 团队、分布式环境、较轻量企业用例 | 部署快、运维摩擦低、自主补丁、备份和远程访问 | 类似 Tanium 的实时查询深度和公共部门专精证据较少 |
| Automox | 云原生补丁与控制平台 | 公开 $1/endpoint/month 的 OS 补丁入门价 | 优先考虑补丁卫生的云优先和混合团队 | 透明定价、轻量部署、跨平台补丁 | 复杂企业环境中的运维深度窄于 Tanium |
| CrowdStrike Falcon for IT / Exposure Management(IT 与暴露面管理) | 安全牵引的修复和暴露平台 | 单 Agent 暴露管理和 IT 自动化扩张 | 把 Falcon 延伸到修复和 IT 自动化的安全团队 | 自然语言查询、基于风险的补丁、广泛攻击面发现 | 不是移动 / 设备生命周期工作流的完整 UEM 替代品 |
| SentinelOne Singularity | 带漏洞管理的安全牵引平台 | FedRAMP High、AWS GovCloud、Fortune-10 客户背书 | 安全牵引型企业和联邦机构 | 统一端点 / 云 / 身份态势、无扫描漏洞管理、联邦选项 | 相比 Tanium,更偏安全中心,而不是设备生命周期中心 |
| Qualys TruRisk / VMDR | 暴露与修复相邻赛道 | 替代方案数据中持续可见性和补丁叙事 | 暴露牵引的安全和合规买方 | 始终在线可见性、内置优先级排序和补丁、灵活传感器 / 设备 | 完整端点管理广度的证据少于 Tanium |
规模和市场信号单元格只使用已保留的公开证据;在保留来源未披露精确收入或客户数量时,本表用心智份额、受管端点、政府或部署信号替代,避免编造财务数据。
[CP009, CP013, CP015, CP022, CP024, CP025]在有证据支撑的序数轴上标出 Tanium 和主要对手:部署简单度(x 轴,越高越容易云优先采用)和实时运营深度(y 轴,越高表示实时控制和修复越强)。
轴值是分析师基于保留的公开产品页、评论站点和独立市场评论作出的序数估计,而不是审计基准。x = 部署简单度,从 1(重企业主导部署)到 5(云优先、低摩擦部署)。y = 实时运营深度,从 1(基础管理)到 5(实时查询、深度修复、强融合工作流支持)。
[CP009, CP022, CP024, CP027, CP031, CP037]3.2 直接 UEM 与企业平台竞争对手
Microsoft Intune 是最大的单一分发威胁,因为它已经嵌在 Microsoft 365 套件中,价格公开,并在保留下来的独立 UEM 数据里拥有最广认知。这不意味着 Intune 能等同替代 Tanium 的实时查询模型,但它让 Intune 成为 Microsoft 标准化账户中的默认价格锚。Ivanti、BigFix 和 Workspace ONE 的重要性各不相同。Ivanti 把跨平台 UEM 广度与实时发现、自修复和混合部署选项结合,在联邦和医疗环境中仍有吸引力。HCL BigFix 仍是企业级架构上最接近的表亲:它强调超大型托管资产、广泛操作系统覆盖和强补丁成功率,尽管其 Gartner 领导者信息来自厂商自写。Workspace ONE 仍广泛部署在大型混合设备资产中,并继续提供多租户、低接触注册、应用生命周期管理和强公共部门引用;不过,Broadcom 之后商业轨迹的独立证据比产品能力证据更薄。 实际结果是:当买方最在意实时运营状态和深度修复控制时,Tanium 仍处在最佳位置;当买方优化的是套件经济性、既有厂商标准化,或某个设备管理深度,而不是 Tanium 更宽的控制平面时,这些直接同业更容易获胜。[CP006, CP007, CP008, CP009, CP010, CP011]
| 能力 | Tanium | Intune | Ivanti | BigFix | Workspace ONE | CrowdStrike / SentinelOne |
|---|---|---|---|---|---|---|
| 实时查询 / 控制 | 强——秒级实时数据和控制平面 | 中——云 UEM 可见性,但不是 Tanium 式实时查询 | 强——实时发现和 NLP 查询 | 强——近实时修复和可见性 | 中——遥测和策略可见性,实时侧重较弱 | 强——实时安全可见性,以及自然语言或 AI 辅助查询 / 修复 |
| 跨平台端点管理 | 强——广泛覆盖企业端点 | 强——Windows、macOS、Linux、iOS、Android | 强——iOS、Android、macOS、Windows、ChromeOS、IoT | 强——支持 120+ OS | 强——支持主要 OS,并提供设备生命周期控制 | 部分——端点安全最强;作为完整 UEM 较弱 |
| 补丁与修复深度 | 强——企业补丁和修复工作流 | 中——广泛 UEM 补丁,叠加套件附加项 | 强——修复和自修复自动化 | 强——声称 >98% 首次补丁成功率,并有大型 Fixlet 库 | 中——自动化 OS / 应用更新 | 强——安全平台提供基于风险的补丁和紧急修复 |
| 移动端 / MDM 深度 | 中——相关,但不是保留证据中的核心差异点 | 强——套件牵引的 MDM 基线 | 强——明确覆盖移动和坚固型设备的 UEM 广度 | 中——具备企业管理广度,但保留材料中移动端营销较弱 | 强——成熟 UEM 和注册体验 | 弱——安全平台不是主要 MDM 套件 |
| 暴露 / 安全融合 | 强——统一 IT 和安全工作流 | 中——相比 Tanium 式融合,更靠捆绑和策略牵引 | 中——广泛运维和安全自动化 | 强——统一端点和安全运营定位 | 中——安全态势和条件访问,但不如 Falcon/Singularity 安全原生 | 强——安全牵引的融合就是品类逻辑 |
| 混合 / 隔离网络 / 受监管部署 | 强——获 FedRAMP 授权的云和企业控制重点 | 强——GCC High / DoD 政府云 | 强——面向联邦机构的本地、云和混合部署 | 强——企业和隔离网络环境是核心卖点 | 强——公共部门和受监管客户背书,多租户 | 强——SentinelOne 联邦页面支持 SaaS、本地和隔离网络选项 |
| 云优先部署简洁性 | 中——能力强,但反复被描述为部署更重 | 强——云原生,并借力 Microsoft 技术栈 | 中——平台更广,混合复杂度更高 | 中——企业老牌厂商的运营模型 | 中——远程入职强,但仍有企业套件复杂度 | 强——安全云原生运营模型 |
| 定价透明度 | 低——保留来源未展示公开标价 | 高——公开方案和套件定价 | 低——保留来源集里为定制定价 | 低——未保留公开价格 | 中——提到定价,但保留来源没有提供清晰公开价目表 | 低到中——相邻厂商通常私下报价,只有捆绑经济性降低设置摩擦时例外 |
本矩阵比较运营模型和能力主题,不是经认证的产品基准测试。单元格只汇总保留公开证据;“强”“中”“弱”反映保留来源中的相对支撑力度,而非经审计的实验室测试。
[CP003, CP012, CP014, CP016, CP017, CP019]| 厂商 | 定价模式 | 公开标价信号 | 已包含能力 | 合同态势 / 未知项 | 战略含义 |
|---|---|---|---|---|---|
| Tanium | 定制企业报价 | 无保留公开标价 | 广泛端点管理、实时查询、暴露和修复工作流 | 独立来源持续提到设置成本更高、运营模型更重;保留来源集缺少公开价目卡 | 买方足够重视实时控制、能接受不透明定价时,契合度强 |
| Microsoft Intune | 按用户 / 套件捆绑 | $8 Plan 1;$4 Plan 2 附加项;$10 Intune Suite 附加项 | 核心 UEM,加高级端点 / 安全能力附加项 | 定价公开,且常已嵌入 Microsoft 365 订阅 | 在以 Microsoft 为标准栈的账户中设定品类价格地板 |
| Ivanti Neurons for UEM(统一端点管理) | 基于报价的企业定价 | 无保留公开标价 | 广泛 UEM,加自动化和联邦部署选项 | 定价可能逐账户谈判;保留来源强调能力,而非公开打包 | 竞争点是广度和部署灵活性,而非价格透明度 |
| HCL BigFix | 基于报价的企业定价 | 无保留公开标价 | 端点管理、合规、修复和 AI 支持的自动化 | 保留公开证据强调规模和性能,而非标价 | 补丁深度重要时,可支撑高端企业替换决策 |
| Workspace ONE | 按版本的企业定价 | 存在定价,但保留来源没有提供清晰公开价目表 | UEM、应用生命周期、身份相邻访问、补丁和自动化 | 买方应尽调 Broadcom 之后授权和支持模型的影响 | 新交易中,商业结构的重要性可能不亚于产品契合度 |
| NinjaOne | 报价牵引的 SaaS,提供试用 / 无强制承诺 | 无保留公开标价 | 端点管理、自主补丁、备份、远程访问 | 厂商强调无隐藏费用、打包更简单;精确价格仍由报价驱动 | 即便没有完整标价透明度,也在简洁性上压低 Tanium |
| Automox | 按端点计费的 SaaS | OS 补丁年付价为 $1 per endpoint/month;更高层级报价制 | OS 补丁,随后是自动化、第三方补丁、多组织管理、远程控制 | 保留集合中最透明的公开入门价 | 切入成本敏感或云优先环境的强楔子 |
| Atera | 按技术员计费的 SaaS | 保留竞品博客显示,IT 部门为 $149-$219 per technician/month | RMM、服务台、工单、补丁、远程访问、AI 智能体 | 竞品撰写的定价只能作方向性参考;企业层级仍报价驱动 | 显示相较 Tanium,透明度基准已经下探得很深 |
本表刻意把公开标价和报价牵引的企业销售动作拆开。只有保留来源披露时才使用公开数字;缺失的 Tanium、Ivanti、BigFix 以及大多数 Workspace ONE 企业经济性,仍是尽调事项,不能直接进模型。
[CP006, CP007, CP011, CP028, CP031, CP032]3.3 云原生挑战者与安全相邻对手
云原生挑战者给 Tanium 带来最清楚的部署和定价压力。NinjaOne 和 Automox 都主打比 Tanium 更简单的运营模型:NinjaOne 营销 100% 云交付、无强制承诺,以及一个控制台覆盖端点管理、备份、远程访问和自主补丁;Automox 则把每端点每月 $1 的 OS 补丁公开价格摆上台面,再在其上叠加自动化和远程控制模块。Atera 在营销上更进一步,把 AI 智能体、按技术员定价和极快上线打包在一起。这些厂商都没有复制 Tanium 的企业级实时查询架构,但它们可以赢下大量主要想要跨平台补丁、减少工单和简单远程运营,而不是企业控制织体的账户。 更具战略性的风险来自安全优先厂商横向扩张进入 Tanium 领地。CrowdStrike Falcon for IT 在 Falcon 平台中加入自然语言端点查询、大规模脚本执行和基于风险的补丁;Falcon Exposure Management 则扩展到单一 agent 攻击面发现与修复。SentinelOne 同样把漏洞管理与更宽的端点、身份和云平台耦合,并叠加强联邦部署资质。Qualys 作为摩擦更低的连续可见性和补丁替代品,在暴露面驱动采购中仍然相关。这些产品并非在每个账户里都能完整替代 Tanium,但它们让安全团队更容易不购买 Tanium 作为主平台,也能解决足够多的端点修复工作。[CP016, CP017, CP018, CP019, CP020, CP021]
买方匹配矩阵:展示哪些竞争者在五个决策维度上最强,而不是逐个产品拉清单。
评级仅基于保留来源作出的有证据支撑的定性评估。“强”表示该供应商在指定买方维度上得到保留证据明确且反复支持;“中”表示相关但没那么决定性;“弱”表示该维度不是保留证据中的强项。
[CP005, CP008, CP015, CP021, CP024, CP027]3.4 护城河持久性、切换成本与风险
当买方看重实时状态而非周期性可见性时,Tanium 的护城河最站得住。独立市场评论、Tanium 平台描述和对比页面都强化同一个差异点:Tanium 可以在数秒内查询大型端点群并采取动作,而不是等待定时扫描或异步盘点。在大型、强监管或运营复杂的资产中,这种架构支撑更高切换成本,因为 Tanium 会成为补丁、漏洞分诊、资产发现、合规和响应工作流共用的数据平面。凭借获得 FedRAMP 授权的云和长期联邦定位,Tanium 相比许多云原生挑战者也保有公共部门可信度优势。 护城河真实存在,但并非没人挑战。Microsoft 设定了套件价格底线,Tanium 若要轻易下探就会侵蚀价值捕获。CrowdStrike、SentinelOne 和 Qualys 从安全预算切入,提供足够多的可见性和修复,足以替代一部分 Tanium 用例。NinjaOne、Automox 和 Atera 从下方侵蚀市场,把这个问题的简化版本做得更容易、更便宜。核心尽调问题不是 Tanium 是否仍有技术差异化;留存来源一致支持它有。更难的问题是:客户真正迫切需要这种差异化、并愿意为更陡的部署曲线、定制定价和更重运营模型付费的频率有多高。[CP005, CP028, CP037, CP038, CP040, CP041]
| Tanium 护城河 / 风险 | 为什么重要 | 威胁 | 严重性 | 缓释措施 / 尽调问题 |
|---|---|---|---|---|
| 实时查询架构 | 实时查询架构让 Tanium 在事件响应、合规和大规模终端补救中区别于定期扫描工具和更轻量的 UEM 工具 | BigFix 在企业补丁管理上缩小差距;以安全为核心的平台也在围绕另一套重心加入实时补救能力 | 高 | 验证在大型客户中,实时状态工作流多频繁地直接拉动赢单率、续约或工具整合 |
| 统一 IT + 安全控制平面 | Tanium 可以作为多套工具的替代品竞争,而不是又一个 UEM 产品 | CrowdStrike、SentinelOne 和 Qualys 正把足够多的补救和暴露面管理放进安全平台,足以抢走预算 | 高 | 获取产品使用和模块附加数据,验证客户是否真的整合到 Tanium 上 |
| 联邦和强监管企业信誉 | 帮助进入政府机构和管控严格的资产环境,这类客户不会只因 SMB 式低摩擦就采购 | Microsoft 和 SentinelOne 都有强政府部署叙事;Ivanti 也在营销 FedRAMP 认证的联邦交付能力 | 中 | 检查近期联邦管线质量、竞争组合,以及 FedRAMP 是否显著改变成交率 |
| 定价不透明 | 相比 Intune 和 Automox 这类公开价格锚,定价不透明会削弱 Tanium | 买方可以用摩擦更低、价格更透明的替代方案解决部分工作 | 高 | 索取按细分市场划分的当前标价到净价区间和折扣纪律 |
| 部署和管理复杂度 | 公开评价一再把 Tanium 描述为能力强,但比云原生挑战者更难部署、更吃运维人手 | NinjaOne、Automox 和 Atera 靠快速上线和更简单的上线后运维取胜 | 高 | 衡量相较同业的价值实现时间、管理员人手和专业服务依赖 |
| Microsoft 套餐价格底板 | 捆绑的 Intune 会在已押注 Microsoft 365 的客户中限制 Tanium | 即便 Tanium 技术更强,套餐经济性也可能挡住替换 | 高 | 按 Microsoft 365 渗透率复盘赢单 / 输单,尤其是由办公技术或终端团队主导的客户 |
严重性反映的是:基于已保留公开证据,某一威胁在未来 12-24 个月侵蚀 Tanium 价值捕获或替换率的可能性。该严重性不是对当前客户流失率的判断。
[CP005, CP028, CP037, CP038, CP040, CP041]用保留的公开证据,简要评估 Tanium 当前竞争地位的耐久度。
分数是分析师基于保留公开证据在 0-10 区间作出的判断,不是管理层指引或审计经营指标。
[CP005, CP028, CP037, CP041, CP042, CP043]04财务情况
4.1 收入模式、打包与公开定价线索
Tanium 的变现明显是模块化,而不是单体式。AWS Marketplace 上的公开打包和 North Carolina 全州采购文件都显示一套四部分结构:Core、Endpoint Management、Risk & Compliance、Incident Response,并附加 Threat Response、Patch、Asset、Reveal、Deploy、Benchmark 等模块。最强的公开价格证据是 2025 年 4 月 1 日 NCDIT 价格表,它披露了多个模块的每端点 NC 价格,并对多数软件和硬件设备 SKU 施加 2,000 端点最低门槛。这一点重要,因为它把 Tanium 从不透明的「联系销售」SaaS,变成部分可观察的企业定价模型。该价格表也显示公司仍销售硬件设备和维护续约,因此交付模型是混合式:云订阅存在,但本地部署和硬件支撑部署仍有商业意义。AWS 用年度 1,500 端点套装和合同时长定价强化了同一结构;TrustRadius 的渠道抓取只能作为低置信度边缘线索,不能当成可承销的已实现价格。[CI001, CI002, CI003, CI004, CI005, CI006]
| 收入来源 | 机制 | 计费单位 | 当前公开状态 | 收入质量 | 尽调问题 |
|---|---|---|---|---|---|
| 核心平台 / AEM | 经常性软件订阅 | 按终端 / 年度合同 | AWS 和 Tanium 材料均公开了核心平台和 AEM 定位 | 高质量经常性基础层 | 报告基础平台 ARR、续约率和按队列拆分的扩张 |
| Endpoint Management Plus | 核心之上的模块增购 | 按终端 / 年度 | 公开 NC 价格,并纳入 AWS 套餐 | 具有交叉销售潜力的经常性附加模块 | 按队列提供附加率和毛利率 |
| Risk & Compliance Plus | 安全和风险增购 | 按终端 / 年度 | 公开 NC 价格,并纳入 AWS 套餐 | 受监管需求推动的经常性安全模块 | 按垂直行业展示附加率和续约率 |
| Incident / Threat Response | 安全响应模块 | 按终端 / 年度 | Incident Response 和 Threat Response 的公开 NC 价格 | 经常性收入,但扩张路径受使用量影响 | 拆分 IR、威胁狩猎和 EDR 邻近 ARR |
| 设备 + 维护 | 硬件销售加续期支持 | 设备 + 年度续期 | NC 文件披露小型至超大型设备 SKU 和维护续期 | 质量低于纯 SaaS,但对隔离 / 本地部署资产环境很重要 | 量化硬件在签约额中的占比和综合毛利率 |
| 联邦云 | 托管 SaaS 实例 | 实例 + 终端 | FedRAMP Moderate 云以全托管、零基础设施对外营销 | 可能黏性较高的公共部门 ARR | 披露公共部门 ARR 及相较商业客户的毛利率 |
| IT Service Center / Salesforce 套餐 | 渠道套餐,加上必需的 Tanium 服务和模块 | 按终端 / 12-36 个月 | NC 文件显示 $96 NC 单终端套餐,与必需的 Tanium 服务绑定 | 套餐可带动额外模块和服务 | 提供实际 ASP、服务附加和渠道利润率 |
NC 采购定价是最强的公开变现证据;这些行混合了直接模块价格、硬件和托管云交付,因此实际定价和收入结构仍需要管理层披露。
[CI001, CI002, CI003, CI009, CI010, CI042]| 产品 | 公开价格线索 | 期限 / 最低要求 | 覆盖范围 | 解读 |
|---|---|---|---|---|
| Core Plus | $34.20 NC 价格($38 标价) | 年度 / 最低 2,000 个终端 | 自主终端管理核心 | 企业软件基准价格底板 |
| Endpoint Management Plus | $19.80 NC 价格($22 标价) | 年度 / 最低 2,000 个终端 | 配置、补丁、策略、DEX | 存量客户上的大规模附加机会 |
| Risk & Compliance Plus | $12.15 NC 价格($13.50 标价) | 年度 / 最低 2,000 个终端 | 风险、合规、SBOM 运行时可见性 | 经常性安全增购 |
| Incident Response | $12.15 NC 价格($13.50 标价) | 年度 / 最低 2,000 个终端 | 集成响应工作流 | 补齐四模块 AEM 式组合 |
| Threat Response | $17.10 NC 价格($19 标价) | 年度 / 最低 2,000 个终端 | 威胁狩猎和补救 | 高端安全附加模块 |
| Patch 2 | $6.53 NC 价格($7.25 标价) | 年度 / 最低 2,000 个终端 | 补丁自动化 | 运营效率模块 |
| Asset | $4.37 NC 价格($4.85 标价) | 年度 / 最低 2,000 个终端 | 资产盘点和补充 | 广泛附加模块 / 低客单价增购 |
| NC 推导四模块组合 | $78.30 每终端-年 | 代理值按 Core Plus + Endpoint Management Plus + Risk & Compliance Plus + Incident Response 计算 | 仅软件;不含服务和基础设施 | 最佳公开软件 ASP 代理值,不是实际净价 |
| 设备硬件 | $28,800-$111,360 NC 价格 | 最低 2,000 个终端 | 小型至超大型本地部署设备 | 确认混合 / 设备支撑交付仍具商业性 |
| TrustRadius 抓取 | 4 个方案,起价 $8.99;无免费试用 | 不清楚 | 渠道抓取元数据 | 低置信线索;不要用它代替采购文件进行承销 |
NC 采购文件是权威公开定价;AWS 确认了打包方式和终端规模结构;TrustRadius 元数据只作为低置信交叉验证纳入,不代表实际合同价。
[CI003, CI004, CI005, CI006, CI007, CI008]公开证据显示,Tanium 采用模块化、按端点计价的混合模型,把企业端点资产环境转化为经常性订阅、增购模块,以及部分由硬件设备支撑的部署。
该图展示结构而非财务;它映射可观察的打包和交付模式,不声称精确收入拆分。
[CI001, CI002, CI009, CI010, CI042]4.2 收入规模、增长标记与估值证据
2024 年 5 月之后最重要的证据是,Tanium 仍被筛选为一家有可观收入规模的数十亿美元级私营公司,尽管当前没有公开经审计财务报表。Forbes 在 2024 年 8 月报道,Tanium 销售额约 $700 million,自由现金流率超过 10%,EBITDA 盈利,云 ARR 约 $300 million 且同比增长 40%。Forbes 公司资料截至 2025 年 9 月仍把该业务描述为 $9 billion 估值。Yahoo Finance 的 Forge 支撑私募市场页面于 2026 年 5 月 15 日访问时,把当前估计下调至 $4.26 billion,但这仍比用户要求的 $1 billion 估值门槛高出很大缓冲。问题不是 Tanium 是否仍是独角兽;问题是公开数据集在累计融资甚至当前收入规模上存在实质分歧。分歧没有推翻估值逻辑,但会降低承销精度,也让管理层确认的股权结构表和 KPI 材料成为必需。[CI011, CI012, CI013, CI014, CI015, CI016]
| 项目 | 公开值 / 状态 | 含义 | 尽调问题 | 来源质量 |
|---|---|---|---|---|
| 最近一次公开融资事件 | 2020 年 6 月 25 日 Series H,$150M,投后估值 $9B | 2020 年后没有公开可见的新股融资标记 | 提供 2020 年后所有新股、老股交易或要约交易 | 历史估值标记质量高;当前资本充足性质量低 |
| 当前估值证据 | $4.26B(Yahoo/Forge,2026 年 5 月)到 $9B(Forbes,2025 年 9 月) | 明确高于 $1B,但对方法敏感 | 提供最新 409A、投资者信和任何要约交易 / 老股交易定价历史 | 中 |
| 累计融资 | 公开总额冲突:$470.94M 与 ~$1.1B | 股权结构表精度目前较弱 | 提供逐轮融资所得,包括老股交易和任何资产负债表债务 | 中 |
| 账上现金 | 无法估计现金跑道 | 最新资产负债表现金和受限现金 | ||
| 月度烧钱速度 | 无法测算资本需求 | 月度现金烧钱速度和按季度拆分的 FCF 趋势 | ||
| 现金跑道月数 | 没有依据判断融资依赖 | 带招聘假设的基准情景和下行情景现金跑道 | ||
| 债务 / 结构化义务 | 未公开披露 | 高级索偿权或契约未知 | 债务明细、供应商融资和契约条款摘要 | 低 |
| 下一次流动性触发因素 | Forbes 称 IPO 在 2024 年 8 月不是首要事项;公开路径仍是可选项,而非明确计划 | 下一估值标记时点的不确定性升高 | 董事会对 IPO、要约交易、债务或继续保持私有的看法 | 中 |
本表刻意强调能从公开证据推断什么、不能推断什么;它不重复公司概览中的完整融资时间线,而是聚焦当前融资可见度和资本充足性。
[CI015, CI016, CI017, CI018, CI020, CI043]公开财务标记共同指向数十亿美元估值,但在收入、累计融资和员工数上分歧很大。
所有值都是直接公开标记或有边界的公开估计,不是管理层确认的财务报表。
[CI015, CI016, CI020, CI028, CI033, CI048]4.3 联邦合同规模与公共部门交付模型
联邦和更广公共部门敞口是 Tanium 最强的收入质量代理指标之一,尽管实际联邦 ARR 未披露。Carahsoft 列示 Tanium 覆盖 NASA SEWP V 至 2026 年 9 月、Army ITES-SW2 至 2030 年 8 月,以及若干延伸到 2027-2028 年的州、地方和教育采购工具,这显著扩大了采购触达,无需每次都重新招标。Tanium 自有云和国防材料又增加第二层证据:公司营销面向美国政府的全托管 FedRAMP Moderate 云,称平台可云端或本地部署,并表示受到美国武装部队六个军种信任。这些事实不等于已确认联邦收入,但确实指向粘性公共部门分发、真实合规投入,以及能够支撑长期合同和伙伴中介扩张的 go-to-market 动作。财务含义对留存和 ASP 有利,但在 Tanium 披露订单或 ARR 中公共部门占比、通过渠道流动的比例,以及这些部署贡献的毛利率之前,判断仍不完整。[CI021, CI022, CI023, CI024, CI025, CI026]
| 公共部门规模信号 | 时间范围 | 证明什么 | 财务含义 | 尽调问题 |
|---|---|---|---|---|
| NASA SEWP V | 至 Sep. 30, 2026 | 联邦采购准入 | 支持管线和续约机会,无需新招标摩擦 | 报告通过 SEWP 获取的 ARR / 签约额 |
| Army ITES-SW2 | 至 Aug. 30, 2030 | 长期陆军 / 国防采购准入 | 增强国防渠道耐久性 | 按 DoD 采购载体提供积压订单、ARR 和扩张率 |
| CMAS、Maryland、Quilt | 至 2027-2028 | 州、地方和教育触达 | 把公共部门需求拓宽到联邦机构之外 | 披露 SLED 签约额和合作伙伴经济性 |
| FedRAMP Moderate TC-USG | 当前官方表述 | 面向政府机构的托管云合规态势 | 让云交付更容易卖进受监管买方 | 披露政府客户的云 ARR 和毛利率 |
| 美国武装部队六大军种 | 当前官方表述 | 深厚的国防可信度 | 说明客户背书黏性强,也有扩张空间 | 提供国防 ARR、续约和集中度数据 |
| 超过半数 Fortune 100 + 美国武装部队 | 联邦材料沿用的历史官方表述 | 企业级品牌和规模可信度 | 可支撑溢价定价,但可能掩盖集中度 | 提供头部账户 ARR 和客户 logo 到收入的转化 |
合同载体和官方联邦材料能证明采购触达和合规准备度,而不是已确认收入;机构可以通过这些渠道采购,但只有管理层能按载体量化已签 ARR 和毛利率。
[CI023, CI024, CI025, CI026, CI027]资本强度较少来自制造,更多来自混合交付、企业 / 联邦 GTM、人力密集支持和持续安全维护。
该矩阵是方向性且有证据支撑;它不会给每个驱动项分配未披露金额。
[CI023, CI024, CI028, CI036, CI041, CI042]4.4 单位经济代理、员工基数与成本结构信号
作为一家私营基础设施软件公司,Tanium 给出了异乎寻常多的定价线索,但直接单位经济披露仍很差。公开 NC 模块价格和 AWS 打包足以推断高端企业 ASP,并可计算出服务、云基础设施或伙伴毛利之前,每端点每年约 $78.30 的四模块软件栈。2026 年 Forrester TEI 发布稿提供了客户经济性补充:一个 48,000 端点的综合企业在不到六个月内回本,ROI 235%,补丁更快,MTTR 更低,软件回收效果强。这支持一个判断:当买方重视节省人力和运营速度时,Tanium 可以守住高端定价。员工基数也仍然大。公开员工数代理显示 Tanium 到 2025 年末超过 2,000 人,Revelio 估计为 2,539,招聘岗位继续增长;Unify 显示销售与支持、工程均有可观规模。对照公开约 $700 million 的规模标记,这意味着每名员工收入约 $276,000-$350,000。成本侧主要提醒是:公司仍是混合式且支持负担重,而不是纯云;用户评论也持续提到成本和实施复杂度。[CI028, CI029, CI030, CI031, CI034, CI035]
| 指标 | 公开值 / 代理值 | 置信度 | 为什么重要 | 尽调问题 |
|---|---|---|---|---|
| 收入 / ARR 规模 | ~$700M(2024-2025 公开信号) | 中高 | 为估值和销售效率测算定锚 | 按年份和产品线提供经审计 ARR 与 GAAP 收入 |
| 云 ARR 占比 | ~$300M 云 ARR,~40% YoY 增长 | 中 | 帮助判断结构迁移和未来毛利率路径 | 拆分云与本地部署 ARR 及毛利 |
| 盈利能力代理 | >10% 自由现金流率,EBITDA 已盈利(Forbes 2024 年 8 月) | 中 | 表明存在经营杠杆 | 提供经审计 EBITDA、FCF 和 SBC 调节表 |
| 人均收入 | ~$276k-$350k,基于 $700M 和 2,000-2,539 人员规模代理值 | 中 | 企业软件粗略生产率基准 | 确认当前 FTE、承包商负载和区域结构 |
| 员工规模增长 | 2025 年底前 2,000+ 名员工;2025 年活跃招聘 196 个 | 中 | 显示公司继续投入,也带来运营支出负担 | 按职能提供招聘计划和承担销售配额的人数 |
| 客户价值 / 回本周期 | 48,000 终端组合部署的 235% ROI、$20.1M 收益、<6 个月回本 | 中 | 如果客户结果可复现,支撑高端定价 | 分享客户基准数据和实际部署周期 |
| 运营效率 | TEI 研究中补丁效率提升 95%,MTTR 降低 75% | 中 | 解释付费意愿和续约黏性 | 按细分市场提供实测客户成效基准 |
| 定价压力 | 评论反复提到成本高、复杂度高 | 中 | 可能压缩实际净价或扩张速度 | 提供赢单 / 输单、折扣和续约流失原因 |
| 毛利率 | 低 | 支撑估值倍数的核心承销阻塞项 | 按云、本地部署、硬件和服务提供产品线毛利率 | |
| 现金 / 烧钱速度 / 现金跑道 | 低 | 缺少流动性数据,无法评估融资依赖 | 提供最新现金余额、月度烧钱速度和下行情景现金跑道 |
公开代理值只适合做方向性承销;空白单元格表示这些指标在所有已引用公开来源中仍未披露,因此需要私下尽调。
[CI011, CI012, CI021, CI022, CI028, CI029]公开的单位经济模型叙事从可观察的按端点标价开始,落到强客户结果代理指标;但内部毛利率和留存环节仍未披露。
$78.30 的每端点年代理值只加总四个 NC 定价软件模块,未纳入折扣、服务、伙伴毛利、基础设施和税费。
[CI021, CI022, CI028, CI029, CI034, CI045]4.5 财务结论与承销阻塞点
Tanium 的公开案例方向上强:在所有可用的 2024 年 5 月之后估值标记上,公司看起来规模大、聚焦企业,并且仍值数十亿美元。公开采购文件给出真实变现细节;联邦材料显示持久公共部门相关性;客户价值研究和招聘数据也表明 Tanium 仍在为规模投入,而不是榨取一个萎缩的业务。投资问题在精度,不在存在性。收入代理彼此矛盾,累计融资数字彼此矛盾,公开市场看不到毛利率、NRR、客户集中度、现金、烧钱速度或现金跑道。近期安全公告和 Howard 诉讼也意味着投资人不能把 Tanium 当作没有治理或产品风险阴影的纯净软件可比公司。我的财务结论因此是:规模、收入质量和长期估值底线为正,但真实利润率路径和资本充足性仍不完整。正确下一步不是争论 Tanium 是否高于 $1 billion;而是在从这里承销估值上行前,拿到董事会材料、股权结构表、队列留存切片和产品线 P&L。[CI020, CI033, CI036, CI037, CI038, CI039]
| 缺失指标 | 当前最佳公开代理 | 影响 | 精确尽调路径 |
|---|---|---|---|
| 按云 / 本地部署 / 服务拆分的毛利率 | 无直接披露 | 无法检验收入质量,也无法支撑软件估值倍数 | 索取产品线 P&L 和毛利率调节表 |
| NRR、GRR 和流失 | 无直接披露 | 无法判断收入耐久性或落地-扩张经济性 | 索取队列留存表和续约瀑布图 |
| 折扣后的实际净价 | 只有 NC 标价和 AWS 打包信息 | 公开标价可能高估 ASP,并低估服务负担 | 按细分市场导出报价到收款数据和折扣表 |
| 联邦 / 公共部门收入结构 | FedRAMP + 合同载体 + 军方 / 客户证据 | 无法判断公共部门集中度或利润率结构 | 按公共部门项目提供 ARR、签约额和渠道利润率 |
| 现金 / 烧钱速度 / 现金跑道 | 无直接披露 | 仍无法判断资本依赖 | 提供过去十二个月现金流和当前现金跑道计划 |
| 累计融资 / 股权结构表对账 | $470.94M 与 ~$1.1B 冲突 | 持股比例和清算优先权分析不完整 | 提供股权结构表、董事会同意书和各轮交割备忘录 |
| 客户集中度 | 标杆客户声望公开;收入占比未公开 | 不能只凭头部客户名单判断账户风险 | 提供前 20 大客户 ARR 和续约集中度 |
| 云与本地部署毛利结构 | ~$300M 云 ARR,且设备 SKU 仍可见 | 利润率路径取决于结构迁移,但公开证据不完整 | 按交付模式提供 ARR、签约额和毛利 |
每一行都是具体承销阻塞项或不确定性向量;精确尽调路径刻意保持运营化,便于管理层用数据室导出回答,而不是给叙事性答案。
[CI020, CI033, CI043, CI045, CI048]4.6 附证
05产品与技术
5.1 平台定义与模块地图
Tanium 的公开产品叙事已经围绕 Autonomous IT 和 Autonomous Endpoint Management 收拢,而不是一串松散的点工具菜单。官方页面、AWS Marketplace 列表和评论覆盖中的共同线索,是一个工作流承诺:让 IT、安全和风险运营者在一个地方看见端点状态、判断什么重要,并采取行动,而不用等待过时扫描或转交给另一个运营控制台。最具体的公开打包证据来自 AWS Marketplace,它把 AEM 栈描述为四个解决方案领域——Core、Endpoint Management、Risk & Compliance、Incident Response——再详细说明各自应做什么。实践中,这意味着 Tanium 正把实时资产可见性、补丁和软件执行、风险 / 合规优先级排序,以及事件闭环作为一个运营循环销售。正面读法是工具蔓延减少,IT 与安全协同更好。提醒在于,公开品类叙事比公开模块文档更宽,因此尽调应区分营销范围和参考客户实际部署的内容。[CE001, CE002, CE003, CE004, CE005, CE006]
| 模块 / 资产 | 主要用户 | 公开成熟度 / 状态 | 差异化信号 | 尽调缺口 |
|---|---|---|---|---|
| Core | IT 运维、安全运营、风险团队 | AEM 内已公开确立的产品打包 | 专利实时数据层,定位为端点状态的单一真实来源 | 需要大型终端规模下独立延迟和资源占用基准 |
| Endpoint Management | 端点工程、办公 IT | AEM 内已公开确立的产品打包 | 一个控制台覆盖跨平台配置、补丁、第三方软件部署、策略执行和性能监控 | 公开证据仍更能证明覆盖广度,而不是相对专业 UEM 工具的深度 |
| Risk & Compliance | CISO、GRC、漏洞团队 | AEM 内已公开确立的产品打包 | 实时风险评分、合规配置、敏感数据发现和运行时 SBOM 主张 | 商业云认证范围和风险优先级准确性的独立验证仍薄弱 |
| Incident Response | SOC、IR 团队 | AEM 内已公开确立的产品打包 | 从事件发现到修复只用一套工具跑完,同时增强既有 EDR 和 SIEM | 需要更清楚的公开文档说明原生动作到哪里为止、伙伴工具从哪里接手 |
| Atlas / Tanium Ask / AI Agent for ServiceNow(AI 产品线) | 平台管理员、安全运营人员、服务台 | 2026 年新发布产品面 | 智能体工作流、动态页面、环境型智能体、Now Assist 嵌入,以及不绑定模型的端点上下文 | 护栏、审批边界和生产就绪证据尚未在公开材料中充分说明 |
状态标签依据公开产品打包和发布证据,而不是私有使用数据。AI 行代表 2026 年新发布产品面,不等同于长期 GA 成熟度。
[CE001, CE002, CE003, CE004, CE005, CE006]| 用户任务 | 当前工作流问题 | Tanium 工作流 | 可衡量收益 / 证据 | 已知限制 |
|---|---|---|---|---|
| 实时资产可见性 | 团队依赖过期扫描、割裂工具和手工验证 | Core 和 Endpoint Management 查询当前端点状态,呈现共享运营视图 | 官方和评测来源都强调大型资产群的实时可见性与控制力 | 公开证明更偏叙事,独立延迟基准不足 |
| 补丁和软件上线 | 在大型中心辐射式环境里,传统补丁可能耗时数天或数周 | 线性链式分发叠加 Endpoint Management,目标是在大规模下更快推送包和动作 | AWS Marketplace 称首轮补丁成功率可从 60-80% 提升到 99% 以上 | 99% 主张以及重负载下 CPU 影响的独立验证并未公开 |
| 风险和合规优先级排序 | 漏洞、合规和敏感数据发现常分散在不同工具里 | Risk & Compliance 汇总端点发现,并声称提供运行时 SBOM 和集成修复 | Marketplace 文案称 Tanium 在一个平台收集数百万资产的风险数据 | 公开材料中的商业认证范围和第三方审计细节仍有限 |
| ITSM 和 CMDB 同步 | ServiceNow 中的资产数据常常到得晚、上下文不一致 | Service Graph Connector 拉取 Tanium 资产视图,写入 CMDB 和软件安装记录 | ServiceNow 文档展示了具体的 CMDB 和发现来源记录创建流程 | 连接器设置依赖 token 管理、自定义视图和网络前置条件 |
| SOC 和 IR 提速 | 分析师在 SIEM、EDR、工单和端点工具之间来回切换 | Incident Response、Tanium Ask 和 ServiceNow AI 智能体旨在缩短从调查到动作的闭环 | Channel Insider 描述了 Now Assist 工作流中的引导式分诊,以及重启或卸载动作 | 已发布证明偏路线图,缺少广泛客户结果数据 |
| 大规模企业运营 | 大型买方需要一个平台覆盖数千到数百万个端点 | Tanium 向端点工程和安全团队销售一套统一运营模型 | GetApp 称该平台适合从数千到数百万端点的部署 | PeerSpot 和 AWS 内嵌评测仍提到复杂度、价格和 UI 学习曲线 |
收益单元格混合官方、伙伴和评测证据。除非明确标为评测反馈,量化性能主张均来自厂商或 Marketplace。
[CE003, CE004, CE005, CE006, CE013, CE017]公开运营流程从实时端点状态开始,经过优先级排序和伙伴系统,最后回到同一控制平面验证结果。
该流程抽象了 IT 运营和安全用例。图中不声称每一步的时间,只聚焦顺序和依赖。
[CE003, CE004, CE005, CE006, CE011, CE018]5.2 架构与部署模型
最清楚的公开技术差异点仍是 Tanium 获专利的线性链式端点通信模型。在公司自己的架构简报中,传统中心辐射式工具会压垮 WAN 网段,在数万端点以上性能下降,并可能把紧急补丁拉长到数天或数周。Tanium 主张其线性链式方法把大部分流量转移到本地网络路径上,并大幅压缩大型软件分发任务所需的链外连接数量。这个架构主张很重要,因为当前产品表面依赖近实时遥测:AWS Marketplace 列表和 Tanium 架构材料都把 Core、生命周期管理和风险工作流描述为基于当前端点状态运行,而不是周期性扫描。公开伙伴文档也显示 Tanium 横跨多种部署形态。已发布证据支持 Tanium Cloud、本地打包和联邦政府云姿态;ServiceNow 指南则展示管理员在集成可靠运转前必须满足的具体网络和令牌依赖。[CE009, CE010, CE011, CE012, CE013, CE020]
| 层 / 组件 | 在运营模型中的角色 | 关键依赖 | 技术风险 |
|---|---|---|---|
| Tanium 客户端加线性链式通信 | 收集当前端点状态,并通过对等链传播查询、包和动作 | 端点可达性、本地网络拓扑和链路健康度 | 高度依赖通信效率,网络配置不当会削弱价值主张 |
| Tanium Server / Cloud 控制平面 | 协调策略、连接、集成和用户工作流 | 云端或本地控制平面可用性;客户端到 Tanium Cloud 17472 端口的出站连接 | 控制平面运维故障会同时影响多个解决方案领域 |
| Core 数据层 | 维护其他模块使用的实时状态和单一真实来源叙事 | 受管端点遥测完整性,以及有权限访问资产视图 | 状态时效性和准确性的独立公开证明有限 |
| Endpoint Management 工作流层 | 执行配置、补丁、软件部署、策略执行和性能工作流 | 模块权益、包质量和链路带宽表现 | Marketplace 和评测证据显示,高强度操作时存在学习曲线与性能风险之间的取舍 |
| Risk & Compliance 层 | 汇总漏洞、合规和敏感数据发现,并声称提供运行时 SBOM | 发现质量、规则内容和下游修复流程 | 公开文档没有充分披露模型逻辑、商业信任范围或有基准的修复结果 |
| 集成层(Connect、ServiceNow、Sentinel) | 将数据和动作送入 CMDB、SIEM、ITSM 和聊天式工作流 | 伙伴 API、token 认证、自定义视图和连接器维护 | 高价值自动化往往依赖连接器,而不是完全原生 |
| AI / Atlas 层 | 增加 Tanium Ask、环境型智能体、模型集成路由和 AI 引导的动作编排 | 开放 API、MCP 暴露、模型提供方和治理控制 | 发布叙事很强,但权限和护栏的公开文档仍有限 |
风险表述区分直接证据和分析师推断。这里列出的依赖只包括公开文档和伙伴设置指南中直接可见的内容。
[CE009, CE010, CE011, CE012, CE013, CE017]Tanium 的公开产品栈以专利端点通信打底,上面叠加模块工作流、集成以及 2026 年 AI 界面。
这些层是功能层,不是字面部署边界。ServiceNow、Sentinel 等伙伴系统出现在会实质改变工作流或数据流的位置。
[CE002, CE003, CE004, CE005, CE009, CE014]Tanium 的产品价值依赖端点可达性、控制平面,以及处理 CMDB、SIEM 和工作流执行的伙伴系统。
边从工作流组件指向其所需依赖。该图基于公开证据,不是完整内部服务图。
[CE017, CE018, CE019, CE020, CE021, CE023]5.3 集成与开发者界面
Tanium 的生态比其不大的开源足迹看起来更真实。公司开放了公共开发者门户、API 接入和开发者社区,而其公开 GitHub 组织只显示四个仓库和一个明显非核心的工作流工具 octobot。这个组合意味着 Tanium 对集成友好,但不是开源驱动。更深的证据来自伙伴文档。Microsoft 的 Azure Sentinel 连接器依赖 Tanium Connect 和 Azure Logs Ingestion Workspaces,因此集成在运营上有意义,但仍是基于连接器。ServiceNow 更进一步:Tanium Service Graph Connector 要求 Tanium Cloud 资产视图,写入 CMDB 和软件安装记录,并管理自己的令牌认证和轮换逻辑。ServiceNow Store 中专门的 Tanium SDK 列表进一步说明这些工作流已经产品化。关键尽调细节是,许多高价值动作仍依赖伙伴系统——CMDB、SIEM、Now Assist 或工单层——而不是只靠 Tanium 原生执行。[CE014, CE015, CE016, CE017, CE018, CE019]
5.4 AI 功能与路线图表面
Tanium 的 2026 年产品路线图从自主端点管理推进到更宽的 Autonomous IT 运营模型。公开新闻和独立报道把 Atlas 描述为一个自主操作系统,能够在受治理的体验中把一个运营者的意图转为引导式行动。重要技术细节不是营销形容词,而是 Atlas 附带的架构主张:动态页面生成、环境式智能体、前沿模型集合,以及 Tanium 称覆盖超过 36 million 个端点、并通过开放 API 和 MCP 暴露的数据层。Channel Insider 又提供了更务实的视角,把 Tanium Ask 描述为用于数据发现、软件管理、总结、文档和安全分诊的首个智能体式 AI 层,并提到 Tanium AI Agent for ServiceNow 可以把端点上下文拉入 Now Assist,并从聊天触发行动。路线图方向上有吸引力,但关于护栏、权限和审批边界的公开技术文档仍比发布叙事薄。[CE027, CE028, CE029, CE030, CE031, CE032]
| 日期 / 时期 | 功能或里程碑 | 公开状态 | 含义 | 来源视角 |
|---|---|---|---|---|
| 2023-11 | TC-USG FedRAMP 授权 | 仍在线,并可在 FedRAMP Marketplace 看到 | 联邦部署态势已经建立,不是新承诺 | 监管加厂商确认 |
| 2026-05 | Tanium Atlas 自主操作系统 | 已公开发布 | 路线图转向引导式、模型驱动运营,不再只靠固定模块导航 | 独立报道加通讯稿 |
| 2026-05 | Tanium Ask | 在 Converge 2026 公开描述 | 为发现、软件管理、总结和分诊加入智能体式 AI | 独立会议报道 |
| 2026-05 | Tanium AI Agent for ServiceNow(ServiceNow AI 智能体) | 在 Converge 2026 公开描述 | 将 Tanium 上下文直接推入 Now Assist 和动作工作流 | 独立会议报道 |
| 2026-05 | Tanium-ServiceNow 联合自主 IT 解决方案 | 已公开宣布 | 说明与 ServiceNow 的补丁和修复工作流捆绑更深 | 独立新闻报道 |
| 2026-05 | 公开 Microsoft Sentinel 连接器活动 | 可见于 2026 年 5 月更新的公开 GitHub 内容 | 说明即便没有大型开源产品足迹,生态集成工作仍在继续 | GitHub / 伙伴文档 |
各行混合发布、公开路线图界面和运营里程碑。日期仅限于抓取源 URL 或页面元数据中明确可见的内容。
[CE015, CE017, CE021, CE027, CE028, CE029]Core 可视性和生命周期控制看起来已成熟;2026 AI 层仍有前景,但文档更少、独立验证也更少。
评级是基于公开证据质量、集成深度和独立信号作出的定性判断,不是内部使用指标。
[CE002, CE009, CE017, CE021, CE027, CE029]5.5 信任、合规与技术风险
Tanium 的公开信任信号最强在联邦部署证据,最弱在可读的商用云控制细节。公司可以指向 FedRAMP Marketplace 上 TC-USG 的 Class C Moderate 在线列表,Tanium 自己的公告也佐证了该联邦授权。但产品风险图景更混合。Tanium 维护公开安全公告门户,并披露了 2026 年多个模块的一连串问题,包括 Asset、Interact、Discover、Threat Response、TanOS 和 Patch Endpoint Tools。Asset 中具体的 SQL 注入问题(CVE-2026-2435)为中等严重度且需要认证权限,因此不是生存级风险,但它提醒人们:Tanium 越来越宽的控制平面扩大了攻击和维护表面。独立用户也反复指出 UI 复杂、集成摩擦、部署负担和价格问题。这不否定 Tanium 在企业规模上的价值,但说明即便技术愿景成立,产品在运营上也可能很吃力。[CE021, CE022, CE024, CE025, CE026, CE035]
| 控制 / 信号 | 公开状态 | 范围 | 支撑什么 | 缺口或担忧 |
|---|---|---|---|---|
| TC-USG 的 FedRAMP 认证 | 已在 FedRAMP Marketplace 确认 | Tanium Cloud for US Government, Rev5, Class C Moderate(政府云认证) | 联邦部署可信度和公共部门采购准备度 | 未说明商业云版图的认证范围 |
| FedRAMP 授权公告 | Tanium 新闻稿确认 | Tanium Cloud for U.S. Government,中等影响级别 | 用厂商叙事印证仍在线的 Marketplace 列名 | 公告是历史材料,不能替代当前控制包证据 |
| 公开安全公告门户 | 2026 年仍在线并定期更新 | 跨模块产品面,包括 Server、Interact、Discover、Asset、TanOS 和 Patch 工具 | 展示了可见的修复和披露流程 | 也说明不断扩大的模块面持续带来维护工作 |
| CVE-2026-2435 修复 | Tanium 公告和 NVD 确认 | Asset 模块;中等严重度 SQL 注入,需要已认证权限 | 具体显示问题会连同受影响版本和修复方案披露 | 凸显资产层中受权限约束但真实存在的风险 |
| ServiceNow token 认证和自动轮换指引 | 存在公开实施指引 | Tanium Cloud 与 ServiceNow 之间的连接器认证 | 显示集成安全不止停留在简单共享凭证 | 如果管理员复用 token 或误管可信 IP 边界,运营上会很脆弱 |
本表只列公开可读的控制或信任信号。它有意不声称公开材料无法直接核验的商业云认证。
[CE019, CE021, CE022, CE024, CE025, CE026]06客户情况
6.1 客户覆盖、买方匹配与规模证据
Tanium 的公开客户证据指向一个窄但可防守的客户基础:超大型企业和公共机构,它们更在意实时控制、合规和运营规模,而不是中端市场的低摩擦部署。公司当前客户页称,Tanium 服务 50% 的 Fortune 100、美国前五大银行中的四家,以及美国武装部队全部六个军种。同一公开表面把这些集中度标记与运营结果数据配在一起,包括引用研究中的补丁效率提升 95%、生产率提升 70%、MTTR 降低 75%。具名证据也集中在超大型端点群:AstraZeneca 约 125,000 个端点,Zurich 超过 100,000 个,JLL 接近 90,000 个,City of Phoenix 超过 20,000 个。这意味着 Tanium 的甜蜜点是高价值资产场景,在那里安全、IT 运营和合规团队共享同一端点数据平面。仍缺失的是分母披露:Tanium 公开营销集中度标记和旗舰客户标识,但不披露准确活跃客户数或分部收入组合。[CU001, CU002, CU003, CU004, CU005, CU006]
| 细分市场 | 买方 / 用户 / 付款方 | 用例 | 规模 | 收入 / 战略价值 | 缺口 |
|---|---|---|---|---|---|
| 联邦国防和民用机构 | 机构 CIO / CISO;端点和网络安全团队;联邦采购办公室 | 实时端点可见性、KEV 修复、合规证据、涉密 / 非涉密工作负载支持 | 公司页面显示覆盖 6/6 美国武装部队和主要民用机构 | 战略价值高:合规驱动预算和长生命周期任务系统 | 未按机构披露活跃席位数、授标金额和续约节奏 |
| 州和地方政府 / 公用事业 | 公共部门 CIO / 安全负责人;基础设施运营;合作采购办公室 | 覆盖分布式市政或公用事业端点的补丁、事件响应和可见性 | City of Phoenix 20K+ 端点;Metropolitan Water District 公开背书;Texas DIR 合同 | 战略价值高:采购入口加关键基础设施相关性 | 公开案例没有显示席位增长、合同规模或续约状态 |
| 全球受监管企业 | CISO 和 IT 运维负责人;安全工程;采购 | 端点安全、补丁、风险降低和跨团队运营控制 | 50% 的 Fortune 100;美国前五大银行中的 4 家;AstraZeneca 125K 端点;Zurich 100K+ 端点 | 高:Tanium 规模能力重要的高端、合规敏感资产群 | 银行客户名称和细分 ARR 贡献未披露 |
| 工业和消费品牌 | 安全运营和端点管理团队;IT / 安全共享预算负责人 | 大型分布式终端群的合规、漏洞降低、统一仪表盘和自动化 | ABB、Whirlpool 和 Colgate 是具名客户背书 | 中高:证明复杂设备资产群中的 ROI 和运营杠杆 | 大部分证据来自厂商筛选的案例研究,而非独立审计 |
| 分布式服务和房地产运营商 | CISO、攻防安全和平台团队;负责供应商整合的 CIO / 采购 | 在全球分布式资产群中整合供应商、统一可见性并标准化控制 | JLL 在 80+ 个国家接近 90K 端点 | 高:支持平台整合和伙伴驱动扩张 | 公开证据集中在少数标杆账户,而不是已披露长尾 |
各行强调战略价值和公开证明质量,而不是未披露的细分收入。Tanium 不公布客户数、细分 ARR 或地理客户组合,因此规模单元格只使用具名部署和集中度标记。
[CU001, CU002, CU003, CU004, CU005, CU008]| 指标 | 值 | 日期 | 来源 | 置信度 | 含义 | 缺失分母 |
|---|---|---|---|---|---|---|
| Fortune 100 客户渗透率 | 50 | 2026-05-08 | Tanium 客户页面 | 中 | 显示已渗透美国最大型企业 | 未披露确切公司名单和 ARR 占比 |
| 使用 Tanium 的美国顶级银行 | 4 of 5 | 2026-05-08 | Tanium 客户页面 | 中 | 说明在高度受监管金融环境中实力较强 | 具名银行背书和续约历史未披露 |
| 被引用的美国武装部队军种 | 6 of 6 | 2026-05-12 | Tanium 联邦页面 / 客户页面 | 高 | 对一家私营端点平台而言,显示国防渗透异常深入 | 没有逐军种合同金额或活跃席位数 |
| AstraZeneca 部署规模 | 125000 | 2025-12-30 | AstraZeneca 案例研究 | 中 | 证明适合制药规模端点资产群 | 未披露合同金额或模块组合 |
| Zurich 部署规模 | >100000 | 2026-01-20 | Zurich 案例研究 | 中 | 显示适合跨国保险公司资产群 | 未披露续约或扩张细节 |
| JLL 部署规模 | 90000 | 抓取时仍为当前 | Microsoft 客户故事 / Tanium 客户页面 | 高 | 全球商业账户的伙伴佐证 | 未披露合同金额或模块组合 |
| City of Phoenix 部署规模 | >20000 | 2025-12-30 | City of Phoenix 案例研究 | 中 | 确认不只是 logo,州 / 地方政府也有相关性 | 只有单城证明;没有州级分母 |
| TEI 研究中的综合企业 | 48000 | 2026-03-19 | Business Wire / Forrester TEI 公关稿 | 中 | 支撑 Tanium 在大型企业的价值叙事,但不能证明超大规模资产群 | 综合研究,不是披露的单个客户 |
这张轨迹表混合集中度标记和具名部署规模,因为 Tanium 不公布总活跃客户数。数值是当前公开观察或客户故事数字,不是一条连贯披露的漏斗。
[CU001, CU002, CU003, CU007, CU008, CU012]6.2 具名部署与可量化结果
Tanium 客户证据中最强的部分,是多个具名参考客户披露了真实部署规模或可衡量运营结果,而不是只列 logo。AstraZeneca 称 Tanium 支撑约 125,000 个端点上的 IT 系统和研发运营,把一个补丁流程从一周缩短到 10 分钟,并帮助无中断发现 Log4j 暴露。City of Phoenix 报告超过 20,000 个托管端点,补丁周期时间降低 75%。Zurich 称 Tanium 帮助保护超过 100,000 个端点,并通过自动化补丁每月节省最多 100 个资源小时。Whirlpool 描述了从碎片化工具迁移到统一控制平面;ABB 估计 ROI 14x,并节省数十万人时。JLL 作为跨领域证据尤其有价值,因为 Microsoft 独立说明,JLL 在 80 多个国家近 90,000 个端点上把 Tanium 与 Defender for Endpoint 一起使用,并将网络安全支出削减 20%。局限在于,这些仍是精选参考:它们证明重要账户中的生产价值,但不能揭示更广客户基础是否以类似速度续约或扩张。[CU011, CU012, CU013, CU014, CU015, CU016]
| 客户 | 细分市场 | 部署 / 用例 | 生产环境还是试点 | 结果 | 限制 |
|---|---|---|---|---|---|
| AstraZeneca | 制药 / 受监管全球企业 | Tanium 与 ServiceNow 和 Microsoft 集成,支持覆盖 125K 端点的研发和 IT 运营 | 生产环境 | 补丁落地任务从一周缩短到 10 分钟;Log4j 检测造成 0 次中断 | 结果指标由公司声称,续约状态未公开 |
| City of Phoenix(客户) | 市政府 | 覆盖 20K+ 端点和 14K 员工的补丁管理与协作 | 生产环境 | 补丁周期缩短 75%;跨工具培训负担降低 | 单城案例研究;无合同期限或扩张数据 |
| Zurich | 保险 / 跨国企业 | 100K+ 端点的端点保护和补丁自动化 | 生产环境 | 每月最多节省 100 个资源小时 | 无公开定价、模块组合或留存数据 |
| JLL | 房地产 / 分布式服务 | Tanium 加 Microsoft Defender for Endpoint 覆盖 80+ 个国家接近 90K 端点 | 生产环境 | 通过整合供应商,网络安全支出减少 20% | 合作伙伴撰写的证明;未单独拆出 Tanium 经济性 |
| Whirlpool | 制造业 / 消费家电 | 全企业统一的终端发现、管理和修复 | 生产环境 | 不合规设备几乎一夜之间从 5–10% 降至 1% 以下 | 公开材料未披露终端数量或合同范围 |
| Colgate-Palmolive | 消费品 / 全球企业 | 实时终端可见性,并打通安全与 IT 运营协作 | 生产环境 | 事件响应更快,数据更新到分钟级,自动化程度更高 | 成果证明以定性为主,未量化 |
| Metropolitan Water District | 公用事业 / 水务基础设施 | Tanium-Microsoft 集成,用于终端安全与响应 | 生产环境 | 平均响应时间最多改善 20% | 公开证明能说明工作流改善,但规模和支出披露不足 |
| ABB Electrification | 工业自动化 / 制造业 | ABB Electrification Americas 的终端合规和运营控制 | 生产环境 | 估计 ROI 达 14 倍,并节省数十万人时 | ROI 由公司估算,且限定于特定地区 |
这是截至运行日,在抓取的 Tanium、Microsoft、Carahsoft 和 FeaturedCustomers 页面上可见的公开具名案例部分清单。它能证明生产环境部署,但不能代表整个已安装客户群的抽样。
[CU011, CU012, CU013, CU014, CU015, CU016]从结果具体度、部署规模可见度和留存可见度,看 Tanium 具名参考案例的证据质量。
证据质量按佐证深度排序,并看公司案例之外是否有独立或合作伙伴来源补充。留存可见度整体偏低,因为公开具名参考案例都没有确认当前订阅状态或续约历史。
[CU013, CU015, CU017, CU021, CU023, CU024]6.3 联邦与公共部门采购证据
公共部门证据对 Tanium 异常重要,因为它能把仅仅贴近联邦的营销,与真实可购买、可部署的姿态分开。Tanium 联邦解决方案页面明确表示平台部署在美国武装部队和主要联邦机构,并把产品与 EO 14028、CISA 的 KEV 驱动修复要求、资产可见性要求、NIST 800-53、CMMC 2.0 和 CDM 工作流相连。Business Wire 的 FedRAMP 公告补充了历史背景:Tanium 称其技术在 Tanium Cloud for U.S. Government 获授权时已经支持美国国防部五个军种和民用机构。今天的 FedRAMP Marketplace 列表、Carahsoft 当前合同工具目录、Texas DIR 有效合作合同,以及 Carahsoft 公共部门案例研究名单进一步强化了这一姿态;名单中包括 State of Arizona、海军网络防御者和一家替换 BigFix 的政府机构。合在一起,这些来源说明 Tanium 的公共部门动作既靠功能,也靠采购和合规能力。[CU027, CU028, CU029, CU030, CU031, CU032]
| 证据 | 公开证明 | 日期 / 状态 | 战略含义 | 局限 |
|---|---|---|---|---|
| 国防覆盖 | 客户和联邦页面称,Tanium 已部署到美国武装部队 6/6 个军种 | 当前公开营销表述 | 支撑其在任务关键型终端资产中的可信度 | 未披露各军种支出和席位数 |
| 民事机构覆盖 | 联邦页面称,主要民事机构信任 Tanium | 当前公开营销表述 | 说明其牵引力不只来自国防账户 | 抓取页面未逐一列出机构名称 |
| FedRAMP 列示 | FedRAMP Marketplace 列出 Tanium Cloud for US Government (TC-USG) | 当前列示 | 扫除联邦买家采购云服务的一个核心障碍 | 列示不披露客户数或使用量 |
| FedRAMP 授权背景 | Business Wire 称,授权宣布时,Tanium 技术已支撑五个 DoD 军种和民事机构 | 2023-11-14 | 显示当前列示前已有联邦业务足迹 | 历史新闻稿表述,不是经审计的授予台账 |
| 合同工具 | Carahsoft 列出有效期至 2028 年的 GSA MAS 47QSWA18D008F,以及 SEWP V、ITES-SW2、CDM、NASPO 和 Texas DIR | 当前合同目录 | 提升联邦、州和地方采购路径的可买性 | 能采购不等于已形成收入 |
| Texas DIR 合作采购工具 | DIR-CPO-5687 处于有效状态,可直接采购,并可由州 / 地方 / 公立教育 / 公共实体使用至 2031 年 | 有效合同 | 为 Tanium 销售打开一条长期州和地方渠道 | 页面未披露授予历史或终端客户规模 |
| 公共部门案例研究名单 | Carahsoft 案例研究页面点名 State of Arizona、海军网络防御人员,以及一个替换 BigFix 的政府机构 | 当前合作伙伴页面 | 补充了 Tanium 在公共部门有部署叙事的非 Logo 证据 | 名单由渠道合作伙伴筛选,不是完整安装基数 |
这些行证明采购准入和一定部署深度,但不能替代逐项授予支出、席位数或续约披露。公共部门证据在可采购性和合规性上更强,在披露的收入集中度上更弱。
[CU028, CU029, CU030, CU031, CU032, CU033]6.4 满意度信号与持久性缺口
Tanium 的持久性叙事可信,但仍不完整。正面看,独立评论平台表现好于人们对复杂端点平台的预期:TrustRadius 在 30 条评论中得分 9.2/10,PeerSpot 显示 3.9/5 且 80% 愿意推荐,SoftwareReviews 报告推荐可能性 93、续约计划 99。这些都是有意义的代理,说明已经投入平台的客户通常仍保持参与。负面也一致。评论和应用市场来源反复指出价格、实施工作量、支持摩擦,以及对有经验运营者的需求;PeerSpot 特别提到集成并不简单,策略可能需要三到四天才反映出来,AWS Marketplace 评论也提到复杂和昂贵。Gartner 产品页同时捕捉到正面和批评性评论。核心尽调问题是,Tanium 仍未公开披露 NRR、GRR、流失率、队列留存或准确活跃客户数,因此公开持久性仍是代理判断,而不是直接测量的收入留存事实。[CU036, CU037, CU038, CU039, CU040, CU041]
| 指标 | 数值 / null | 分群 | 置信度 | 尽调要求 |
|---|---|---|---|---|
| 精确活跃客户数 | 全部客户 | 不可得 — 未公开披露 | 要求提供总活跃客户数,并按企业、联邦、州 / 地方拆分 | |
| 净留存率(NRR) | 全部客户 | 不可得 — 未公开披露 | 要求按产品线和主要分群提供 NRR | |
| GRR / 总流失率 | 全部客户 | 不可得 — 未公开披露 | 要求提供总流失率、Logo 流失率和队列留存表 | |
| TrustRadius 评分 | 9.2 / 10(30 条评论) | 企业买家 | 中 — 独立评论平台 | 验证评论样本是否偏向成功的重度用户 |
| PeerSpot 口碑 | 3.9 / 5;80% 愿意推荐 | 安全从业者 | 中 — 独立评论平台 | 与聚焦实施难度的企业客户访谈交叉验证 |
| SoftwareReviews 续约代理指标 | 99 计划续约;93 可能推荐;83% 正面情绪 | 受评客户样本 | 中 — 独立评论平台 | 要求提供原始评论数量和分群构成,以判断代表性 |
| Gartner 产品页快照 | 可见一条正面 4.0 评论和一条批评性 3.0 评论 | 终端管理买家 | 中 — 独立评论入口 | 要求更多客户证明,判断负面反馈是边缘个案还是系统性问题 |
| 云市场信号 | AWS Marketplace 评论好坏不一,但仍提到强实时可见性和自动化价值 | 云市场评估者 | 中低 — 样本小 | 不要高估 3 条 AWS 评论;只把它当作方向性的摩擦信号 |
留存证据大多是代理指标。公开来源显示满意度和续约意向为正,但 Tanium 未披露直接收入留存指标,评论样本也是自选样本,并非经审计队列。
[CU036, CU037, CU038, CU039, CU040, CU041]6.5 扩张循环与集中度风险
公开证据中最清楚的扩张模式不是横向客户标识数量,而是在已经很大的资产内部加深标准化。AstraZeneca、JLL 和 Metropolitan Water District 都把 Tanium 与 Microsoft 工具结合表述;Colgate、Whirlpool、Zurich 和 Phoenix 则强调跨安全与 IT 运营的统一工作流,而不是一次性模块。这说明 Tanium 通过成为其他安全和服务管理工具依赖的实时数据与行动层来扩张。但同一模式也制造集中度风险。如果客户证据过度来自 Fortune 100 企业、头部银行、武装部队军种和其他大型强监管账户,那么增长就依赖相对少数高价值采购中心,而这些中心采购周期长、实施工作重。公开记录也不披露头部客户集中度、分部 ARR 组合、续约队列或合同期限分布。实践中,Tanium 拥有一个有吸引力的先落地再扩张叙事,但其持久性仍取决于管理层证据,而不是仅靠公开证据。[CU045, CU046, CU047, CU048, CU049, CU050]
| 事项 | 类型 | 影响 | 尽调路径 |
|---|---|---|---|
| 现有客户资产中由 Microsoft 带动的扩张 | 扩张驱动因素 | 高度正面:AstraZeneca、JLL 和 Metropolitan Water District 显示,Tanium 正在作为 Microsoft 安全工具旁边的运营层扩张 | 要求按账户提供模块附加率和 Microsoft 联合销售贡献 |
| 大规模终端资产的自动化和合规工作负载 | 扩张驱动因素 | 高度正面:终端规模越大,补丁、漏洞修复和合规报告越有价值 | 要求按规模区间提供终端数量分布和模块渗透率 |
| 政府合同工具与授权 | 扩张驱动因素 | 中高正面:FedRAMP、GSA、DIR 和其他工具缩短公共部门采购周期 | 要求提供公共部门 ARR、联邦续约率和头部机构集中度 |
| 大客户集中 | 集中度风险 | 高:公开证据集中在 Fortune 100、银行、武装部队军种和其他高价值机构 | 要求提供前 10 大客户 ARR 集中度和合同到期日历 |
| 实施工作量和学习曲线 | 集中度风险 | 中高:独立评论反复警示,部署和策略管理需要有经验的操作人员 | 要求按分群提供实施周期数据、服务附加率和价值实现时间 |
| 定价与供应商整合压力 | 集中度风险 | 中高:评论平台和 JLL 式供应商精简都显示,价格压力可能拖慢扩张 | 要求提供相对 Microsoft 捆绑包和更便宜点状替代品的输赢分析 |
| 续约队列披露缺口 | 集中度风险 | 高:检索到的公开来源均未披露 NRR、GRR、Logo 流失、头部客户结构或合同期限分布 | 要求提供队列表、续约排期和分产品总留存率 |
扩张行反映 Tanium 讲得清楚的公开故事;集中度行反映仍未披露的信息。由于公司不公布客户数或队列数据,若没有管理层材料,若干风险无法闭环。
[CU045, CU046, CU047, CU048, CU049, CU050]大型企业和公共部门买家如何从合规或可视性痛点出发,进入 Tanium 部署、运营和扩张。
这张图基于抓取的客户案例、采购页面和独立评论平台重建。Tanium 未披露平均销售周期或部署时间数据,因此各阶段节奏由公开证据推断。
[CU035, CU045, CU046, CU048, CU050]从采购匹配到规模化生产使用的运营流程,标出 Tanium 公开证据最强处和摩擦出现处。
这是定性流程,不是数字漏斗,因为 Tanium 不披露总客户数、POC 数或转化数。公开记录对顺序和关口因素更清楚,对各阶段体量并不清楚。
[CU032, CU033, CU035, CU045, CU046, CU050]6.6 附证
07风险
7.1 最高风险栈:安全缺陷节奏、法律阴影和实施复杂度是最大的剩余敞口
Tanium 的公开记录支持清晰的风险排序。公司受益于产品广度,但广度也意味着公开漏洞披露跨越多个模块和运营表面,而不是单个孤立问题。截至 2026 年 5 月中旬,Tanium 安全索引已经列出密集公告,包括涉及凭证获取、未授权数据访问、权限提升、日志令牌暴露、SQL 注入、不安全文件权限和拒绝服务条件的缺陷。Tanium 向安全意识强的企业和政府销售控制平面软件,因此反复出现的缺陷节奏不只是产品质量问题;它会直接传导到客户信任、补丁紧迫性和支持负荷。再叠加评论平台反复描述的大型资产部署复杂度、陡峭运营要求和定价压力,结果就是:公司规模主张可信,但公开风险图景仍取决于客户体验到的 Tanium 究竟是在简化运营,还是又一个需要专家持续照看的重型系统。[CR009, CR010, CR011, CR012, CR013, CR014]
| 失效模式 | 可能性 | 严重性 | 缓释成熟度 | 剩余风险 | 未解决缺口 |
|---|---|---|---|---|---|
| 核心平台组件跨模块漏洞与补丁节奏 | 高 | 高 | 中 — Tanium 会发布安全公告,并迅速给出修复版本 | 高 | 公开来源未显示客户补丁采用率,也未按模块披露暴露安装基数规模。 |
| 管理工作流中的凭证、令牌和特权访问缺陷 | 中高 | 高 | 中 — 客户获得明确修复指引,例如轮换令牌和使会话失效 | 中高 | 保留来源没有量化多少环境依赖受影响模块,也没有说明暴露凭证是否在真实环境中被滥用。 |
| 客户环境中的本地部署和环形拓扑运营脆弱性 | 中 | 高 | 中低 — 缓释更依赖架构设计和操作员经验,而不是供应商自动化 | 中高 | 评论片段指出中央枢纽和本地部署维护问题,但大型终端资产的故障率数据不公开。 |
| 大型环境部署缓慢或协调成本高 | 高 | 中高 | 中 — 一些买家报告顺利上线,但复杂环境仍需要有经验的实施人员 | 高 | 公开证据缺少大型客户的中位实施周期、策略延迟指标和支持 SLA 结果。 |
| Tanium 扩展到 OT、移动端和 AI 主导工作流后,测试面扩大 | 中高 | 中高 | 中 — 分阶段发布环、置信度评分和统一遥测都是设计的一部分 | 中高 | 公开发布材料描述功能,不披露新终端类别的缺陷密度、采用率或回滚率。 |
该登记表优先列出影响客户信任、补丁负担和部署信心的公开信号,而不是每个理论软件风险。
[CR009, CR010, CR011, CR012, CR013, CR014]7.2 法律与监管姿态:未见生存级案件,但公开诉讼和合规负担仍影响决策
法律图景并非灾难性,但也绝不空白。Howard 事项表明,Tanium 过去围绕股权和招聘的沟通引发了一起仍然有效的欺诈争议:该案上诉后存续,2025 年仍走向陪审团审理,之后才以撤诉告终。这段历史不能证明公司现在仍有不当行为,但意味着围绕录用通知沟通和股权价值表述的治理,是真实的尽调议题,不是假设风险。QuickVault 专利诉讼的重要性在另一处:它直接指向 Tanium 的 XEM 平台,并把企业用户也纳入诉讼范围;即便案件没有实质裁判就结束,这类贴近客户的 IP 暴露也可能拖累商业关系。监管暴露更隐蔽。Tanium 在公共部门渠道中很活跃,也越来越多把 AI 驱动的运营推向受监管环境。留存来源没有显示当前执法行动,但联邦采购暴露、受监管客户组合和新的自动化工作流叠在一起,意味着合规维护应被视为持续经营负担,而不是已经勾掉的检查项。[CR001, CR002, CR003, CR004, CR005, CR006]
| 规则 / 许可 / 案件 | 司法辖区 | 状态 | 可能性 | 严重性 | 缓释措施 | 剩余风险 | 尽调路径 |
|---|---|---|---|---|---|---|---|
| Howard 就业股权欺诈诉讼 | 美国联邦法院 | 上诉在 2024 年重启;案件延续至 2025 年中,后按约定终止 | 中 | 高 | 具体案件已经结束,公开记录中没有不利于 Tanium 的实体认定 | 中 | 审查招聘和股权估值签批控制、培训,以及员工录用争议牵涉的任何保险或准备金历史。 |
| QuickVault 针对 XEM 的专利诉讼 | 美国联邦法院 | 2023 年提起,公开报道显示 2024 年在不影响再次起诉的情况下被驳回 | 中 | 高 | Tanium 可以抗辩、重新设计或和解,但没有公开实体裁判排除被主张专利带来的风险 | 中高 | 要求提供自由实施分析、客户部署的任何赔偿条款,以及是否仍有类似主张未了结。 |
| 公共部门授权与采购合规负担 | 美国联邦和州级采购 | Tanium 仍在多个公共部门采购工具上,但这些渠道有期限且合规负担重 | 中 | 高 | 现有合同工具和渠道关系支撑持续准入 | 中 | 要求提供当前授权范围、续期日历,以及按公共部门工具或签约路径划分的收入敞口。 |
| 受监管客户的 AI 与隐私合规负担 | 多司法辖区 | 保留来源未显示执法行动,但 Tanium 正在把 AI 驱动的运营推进金融和政府工作流 | 中 | 中高 | 分阶段部署、置信度评分和合作伙伴工作流可能降低上线摩擦 | 中高 | 要求提供 AI 治理控制、模型使用边界,以及自动化决策牵涉的任何监管机构、审计方或客户发现。 |
各行按剩余严重性排序,覆盖最影响决策的公开法律和监管风险,而不是列尽每个可能司法辖区的问题。
[CR001, CR002, CR003, CR004, CR005, CR006]7.3 商业、依赖与竞争风险:公共部门路径、大型资产环境和平台生态既是助力也是掣肘
Tanium 的客户和合作伙伴证据显示,公司面向的正是最难拿下、也最容易失望的客群:大型企业、受监管机构和政府买方。合同载体清单和公共部门评论确认 Tanium 确实能触达联邦需求,但也暴露出载体有期限、预算敏感、买方成熟度不均。商业层面,评测和对比来源传递的信息一致。买方认可实时可见性和广泛端点管理功能,但也认为价格昂贵、部署依赖专家,竞品更容易上线,或被更广的平台包进去。竞争压力并不只来自某一家端点纯玩家。CrowdStrike、BigFix、Microsoft 以及相邻生态伙伴,都以不同方式影响买方对话——云原生交付、感知价值,或围绕已安装企业平台的打包。Tanium 的依赖图因此异常宽:公司不仅依赖终端客户满意度,也依赖公共部门采购机器、伙伴主导的工作流集成,以及让自管理大型资产环境不要觉得运营过度堆砌的能力。[CR018, CR019, CR020, CR021, CR022, CR023]
| 依赖 | 交易对手 | 角色 | 集中度 | 失效场景 | 严重性 | 缓释措施 | 剩余风险 |
|---|---|---|---|---|---|---|---|
| 联邦采购工具与公共部门渠道 | Carahsoft 及机构合同工具 | 触达美国联邦和州级需求的路径 | 中高 | 工具失效、预算冻结或采购延迟拖慢新增预订和扩张 | 高 | 列出的工具较多且合作伙伴覆盖面广,在一定程度上分散了市场进入路径 | 中高 |
| 大型企业与受监管标杆账户 | 未披露的头部商业和政府买家 | 推动声誉、续约和大型部署 | unknown | 少数超大账户或续约放慢,会扭曲增长和支持负载 | 高 | 公开 Logo 显示客户面广,但前几大客户精确占比未披露 | 高 |
| Microsoft 和 ServiceNow 生态关系 | Microsoft Intune 和 ServiceNow 工作流 | 集成、AI 智能体和工作流嵌入 | 中高 | 平台合作伙伴捆绑相邻能力或调整优先级,会削弱 Tanium 的独立价值主张 | 高 | 如果 Tanium 仍是终端动作的记录系统,集成仍能提升粘性 | 中高 |
| 客户自运维本地基础设施 | 企业客户 IT 团队 | 在自管理环境中托管和维护 Tanium | 中 | 运营债、支持疲劳或迁移拖累,会延缓产品价值兑现和续约 | 中高 | 部署已嵌入后,Tanium 的平台宽度可抵消部分切换压力 | 中高 |
严重性反映每项依赖在多大程度上会直接传导到预订、续约、实施成本或议价能力。
[CR023, CR025, CR026, CR027, CR028, CR029]| 角色 / 职能 | 依赖或缺口 | 可能性 | 严重性 | 缓释措施 | 尽调路径 |
|---|---|---|---|---|---|
| 产品和工程领导层 | AEM、OT、移动端和 AI 工作流都需要可靠的跨模块执行 | 中高 | 高 | Tanium 正在使用分阶段发布环、置信度评分和统一遥测来降低变更风险 | 要求按发布队列提供新 AEM、移动端和 OT 能力的采用、回滚和缺陷指标。 |
| 支持与解决方案工程 | 复杂部署看起来仍需要有经验的管理员和细致排障 | 高 | 中高 | 聚焦大型企业可支撑更深服务和定制实施支持 | 审查主要客户的实施人员配比、价值实现时间基准和支持响应指标。 |
| 公共部门一线执行 | 即使产品契合,政府买家的人员和预算限制仍可能拖慢销售和扩张 | 中 | 中高 | 合作伙伴路径和成熟联邦工具有助于降低部分进入市场摩擦 | 要求按联邦、州和商业分群拆分管道账龄、赢单率和续约率。 |
| 治理与沟通纪律 | 围绕股权价值表述的历史诉讼,可能在尽调、招聘或投资人审查中再次浮现 | 中 | 中 | 具体 Howard 事项已经结束,降低了即时案件风险 | 审查由董事会或法律顾问负责的控制,覆盖聘用邀约、股权沟通,以及有争议估值表述的升级处理。 |
执行风险集中在三个地方:Tanium 的规模叙事依赖专业实施能力、路线图纪律,以及清晰治理控制。
[CR005, CR018, CR023, CR024, CR025, CR030]Tanium 最重要的外部依赖集中在公共部门渠道、大型企业客户、平台生态和客户自管部署,而不是某个单一供应商。
依赖关系基于保留的公开合同、客户、评论和产品扩张来源重建;准确收入权重未公开。
[CR026, CR027, CR032, CR037, CR038, CR043]7.4 监控与否决标准:关键在于 Tanium 新 AI 叙事能否在价格压力加剧前实质降低复杂度
公开证据今天还不足以下“投资逻辑破裂”的结论,但足以要求紧密跟踪。Tanium 的 AI 和自主运营叙事在战略上说得通:独立来源显示,公司正从核心端点控制扩展到移动、OT、ServiceNow AI 智能体,以及承诺用置信评分和分阶段自动化推进的 AEM 工作流。投资人的问题在于,执行证据仍比营销表层薄。公开来源没有披露附加率、价格提升、利润率影响,也没有说明新的 AI 工作流到底多大程度缩短部署或降低支持负担。这一点重要,因为同一批描述 Tanium 野心的来源也显示,大型买方比过去更容易比较云原生或打包替代方案。如果新功能简化运营,Tanium 就能守住定价和粘性;如果只是再加一层需要专家操作的东西,流失节奏、支持负载和竞品打包都会更快传导到收入质量。因此,合理做法是把 Tanium 承销建立在明确跟踪点上:安全公告节奏、部署摩擦、公共部门需求健康度、竞争性折扣和 AI 功能采用,而不是只押注叙事信心。[CR017, CR023, CR032, CR033, CR035, CR038]
| 风险 | 可监控触发信号 | 阈值 / 事件 | 行动含义 |
|---|---|---|---|
| 安全缺陷频率 | 反复出现影响权限、令牌或核心服务器功能的多模块公告 | 一个季度内出现两个或更多重大公告,或某个缺陷需要大范围轮换凭证 | 将平台风险假设调差,并在给上行情景定价前,要求按模块披露补丁采用率、事件数量和客户暴露面。 |
| 大型资产部署摩擦 | 大型环境里,实施周期拉长,策略或补丁投诉持续出现 | 新的标杆部署超过六个月才稳定,或评价信号反复指向策略延迟和支持问题 | 下调经营杠杆假设,并要求提供服务负担、支持 SLA 和客户背调证据。 |
| 公共部门集中度 | 联邦采购通道失效,或预算挤压显性化 | 关键采购路径丢失、拨款延迟,或公共部门订单骤然放缓 | 除非能证明商业客户分散度和续约广度,否则下调增长耐久性的信心。 |
| 竞争性捆绑与定价压力 | 反复输给 Microsoft、CrowdStrike 或 BigFix,或被迫打折 | 证据显示捆绑型对手凭更容易部署、更低 TCO 或更深平台覆盖取胜 | 下调预期成交率和毛利率,并用更保守的定价曲线重测投资逻辑。 |
| AI 与自主运维执行 | 新的 AI 功能未能简化真实部署 | 采用率低、服务需求重,或客户怀疑 AI 能力能否减少手工工作 | 在采用和变现数据改善前,把 AI 上行放入观察清单,而不是基准情景。 |
这些触发信号都设计成可从后续公告、采购记录、评价、产品发布和管理层尽调回复中监控,而不是靠直觉判断。
[CR017, CR023, CR032, CR033, CR035, CR039]Tanium 最高的剩余风险集中在安全缺陷节奏、部署复杂度、采购集中度和 AI 相关定价压力,而不是某个单一生死事件。
标签只反映公开证据;它们不是事件频率或损失幅度的定量模型。
[CR017, CR032, CR033, CR035, CR042, CR044]Tanium 的主要风险通过几条共用通道传导:软件缺陷节奏、部署负担、公共部门和大客户集中度,以及 AI 功能必须抵消竞争压力。
这张图综合了保留下来的来源信号,并非公司披露的因果模型。
[CR017, CR023, CR032, CR033, CR035, CR042]7.5 附录证据
08估值
8.1 建议与投资逻辑
Tanium 在一个狭窄意义上已经不再是估值谜题:2024 年 5 月之后的公开证据清楚表明,它仍远高于独角兽门槛。Forbes 2025 年 9 月仍把公司描述为 $9 billion,而 Yahoo Finance 的 Forge 支持私募市场页面估计,截至 2026 年 5 月 15 日为 $4.26 billion。这两个标记相差很远,但在用户核心问题上指向同一方向:Tanium 仍是一家数十亿美元级私营公司。真正的争论因此不是 Tanium 是否超过 $1 billion,而是在没有管理层新披露的情况下,哪个价格区间站得住。 建议是观察 / 继续研究;在当前二级市场式价格附近有条件兴趣,而不是怀念旧轮次估值。公开证据支持一种合理读法:如果投资人能在当前二级估值附近进入,并确认 2024 年 Forbes 描述的经营画像大体仍成立,就可以继续研究。公开证据不支持把旧的 $9 billion 框架当作干净成交价来支付。反向逻辑是不透明:公开记录仍缺少更新后的 ARR 桥、留存、毛利率、现金消耗细节,以及决定普通股回报是否真正有吸引力的优先股堆叠。[CV006, CV008, CV009, CV022, CV023, CV024]
| 维度 | 评估 | 信心 | 决策含义 |
|---|---|---|---|
| 投资建议 | 观察 / 继续研究;接近已验证老股交易水平时有条件感兴趣 | 中 | 在管理层刷新 ARR、利润率和股权结构表数据前,不要给上行情景定价。 |
| 信心 | 中 | 中 | 公司显然仍值数十亿美元,但公开证据无法锁定精确区间。 |
| 风险评级 | 高 | 高 | 即便核心运营仍然稳健,治理诉讼、产品公告风险和披露不透明也会扩大折价。 |
| 估值立场 | 在当前老股交易式标记下合理;按旧有 $9B 框架看偏高 | 中 | 入场价格比公司质量本身更关键。 |
| 入场纪律 | 把 ~$4.3B 作为尽调锚点,不是空白支票 | 中 | 在支付高于当前老股估算的价格前,需要刷新 ARR、NRR、毛利率和瀑布分配。 |
评估对价格敏感。表格区分当前老股交易式估算与更早的峰值轮次 / 市场画像估值,而不是把两者平均成虚假精度。
[CV006, CV008, CV009, CV022, CV023, CV024]| 维度 | 投资逻辑 | 反向逻辑 | 哪些证据会改变判断 |
|---|---|---|---|
| 运营规模 | Forbes 2024 年报道显示 ARR 约 $700M、EBITDA 已盈利,FCF 利润率 >10%。 | 这些数据没有在经审计的 2025-2026 公开材料中更新。 | 发布当前 ARR / 利润率桥接和经审计的运营指标。 |
| 市场相关性 | 36M+ 端点遥测、公共部门合同,以及 ServiceNow / Microsoft 相邻定位支撑平台相关性。 | 如果增长降温,端点管理仍可能被市场归入捆绑型或低倍数品类。 | 拿出持久扩张、大型企业胜率,以及 Atlas / AEM 附加率证据。 |
| 估值底部 | Forbes 2025 和 Yahoo / Forge 2026 都显示 Tanium 仍远高于 $1B。 | ~$4.26B 到 $9B 的区间太宽,不能忽略。 | 提供管理层认可的估值材料,或新的老股清算证据。 |
| 治理 / 风险 | 业务看起来足够成熟,能够吸收普通执行风险。 | Howard v. Tanium 和 2026 年公告让治理与产品风险仍留在档案中。 | 干净结束诉讼,并证明控制环境稳定。 |
| 流动性 | 老股市场支持和规模意味着存在流动性路径。 | 公开信息中没有新的 IPO 文件、要约披露或详细股权结构瀑布。 | 分享关于现实流动性时点的银行、要约或董事会材料。 |
投资逻辑和反向逻辑只基于保留的公开证据;缺失的私有公司披露被明确列为尽调要求,而不是靠猜测抹平。
[CV001, CV002, CV003, CV004, CV011, CV018]公开证据指向“按当前老股价格合理、按旧估值偏高”,而不是泛泛的买入结论。
流程把一个定性决策树压缩为 6 个节点,方便 IC 阅读。
[CV022, CV023, CV024, CV052, CV059, CV060]8.2 为什么估值底部仍远高于 $1 billion
最强的底部证据,是后期经营规模、公开价格和二级市场持续支持三者叠加。Forbes 2024 年 8 月报道描绘的是一家已经超过 $700 million ARR、自由现金流率超过 10%、EBITDA 转正,并建立了 $300 million 云 ARR 流、同比增长 40% 的公司。这不是低于独角兽的经营规模。同一篇文章称 Tanium 覆盖 32 million 台员工设备;到 2026 年 5 月 Atlas 发布时,公司声称覆盖超过 36 million 个端点。North Carolina 2025 年价目表和 AWS Marketplace 套餐显示,Tanium 仍在规模化销售高价、多模块企业产品;Carahsoft 合同目录则显示,政府采购触达延续到 2026 年和 2030 年窗口。 合起来看,这些信号比缺少新一轮定价融资更重要。一家公司如果有数亿美元级经常性收入、正向现金生成、深度公共部门触达和真实二级市场报价,不需要 2025 年一级融资事件来证明自己仍是独角兽。公开记录也确实显示,旧的 $9 billion 标记和当前 $4.26 billion 估计应被视为不同估值制度,而不是可互换的事实。[CV001, CV002, CV003, CV004, CV005, CV011]
8.3 可比公司组与入场纪律逻辑
公开可比公司组支持的是纪律,不是否定。Tenable、Qualys 等成熟安全公司市值 / 收入约在 2.5x 到 5.2x,SentinelOne 接近 6.0x。CrowdStrike、Palo Alto Networks 等高增长平台公司倍数高得多,因为披露更干净、规模更大,或两者都有。私募可比在增长异常强时还会更高:NinjaOne 披露数据意味着约 10x ARR,Axonius 按其 2025 年 ARR 预测约 13x,Wiz 在仍处超高增长的云安全画像上低于 24x。 在这个背景下,Tanium 当前以滞后的 Forbes 2024 年 ARR 锚点计算,6.1x 代理倍数更接近成熟公开市场区间,而不是高增长私募或公开市场溢价。因此,当前二级市场式标记比旧的 $9 billion 框架更容易辩护。对于一家粘性强、盈利、面向企业、带政府暴露和 AI 杠杆的平台,12.9x 代理倍数不是不可能,但需要证明 Tanium 自 2024 年 Forbes 文章以来,增长、利润率和产品动能都守住了。没有这份证据,投资人不应像承销 CrowdStrike、Wiz 或新一轮高增长私募轮那样承销 Tanium。[CV023, CV024, CV026, CV027, CV028, CV029]
| 可比公司 | 状态 | 估值 / 市值 | 收入或 ARR 锚点 | 隐含代理倍数 | 相关性 | 局限 |
|---|---|---|---|---|---|---|
| Tanium(当前老股交易) | 私有 / 老股交易估算 | ~$4.26B | ~$700M ARR(Forbes 2024 年 8 月锚点) | ~6.1x | 目前最好的 Tanium 自身公开入场锚点。 | 使用陈旧运营锚点和模型化老股交易估算,而不是经审计的 2026 财务数据。 |
| Tanium(旧峰值框架) | 私有 / 旧轮次估值标记 | $9.0B | $700M ARR 锚点 | ~12.9x | 显示旧溢价框架需要投资者相信什么。 | 峰值新股估值标记已经陈旧;当前财务披露不公开。 |
| CrowdStrike | 公开 | ~$157.5B | ~$4.812B FY2026 收入 | ~32.7x | 精英平台质量和披露的上限。 | 规模大得多、流动性更好,且仍在规模化增长。 |
| SentinelOne | 公开 | ~$6.0B | ~$1.001B FY2026 收入 | ~6.0x | 对仍在扩张的安全平台,是有用的当前公开底部。 | 公开市场波动更大,产品组合也不同于 Tanium。 |
| Tenable | 公开 | ~$2.54B | ~$999.4M 2025 收入 | ~2.5x | 有用的成熟公开暴露面管理底部。 | 增速更低、更成熟,定位也不同。 |
| Qualys | 公开 | ~$3.45B | ~$669.1M 2025 收入 | ~5.2x | 在 Tanium 2024 年收入锚点附近,有用的盈利型公开安全基准。 | 产品组合更老,披露也比 Tanium 更干净。 |
| Palo Alto Networks | 公开 | ~$200.8B | ~$9.2B FY2025 收入 | ~21.8x | 展示有广度和流动性的规模化安全平台能拿到什么估值。 | 类似集团的规模让它更像愿景可比,而不是直接可比。 |
| NinjaOne | 私有 | ~$5.0B | 截至 2026 年 1 月 ARR >$500M | ~10x | 在已披露数据里,最接近的快速增长端点管理风格私有可比。 | 近期增长更高,当前 ARR 披露也比 Tanium 更清晰。 |
| Axonius | 私有 | ~$2.6B | 2025e ARR >$200M / 2023 年 ARR >$100M | ~13x(基于 2025e) | 相关的私有网络资产管理可比。 | ARR 使用的是预测 2025 数字,而不是经审计的 2026 实际值。 |
| Wiz | 私有 | ~$12.0B | ARR 底线 >$500M / 距 $1B 目标已过半 | <24x | 有用的私有云安全溢价可比上限。 | 云安全增长画像更强,产品组合也不同。 |
倍数是估值或市值除以收入 / ARR 的简化代理,不是企业价值计算。它们用于相对纪律,而不是虚假精度。
[CV023, CV024, CV026, CV027, CV028, CV029]把不同收入代理套到过时的 $700M 公开 ARR 锚点上,可以看出当前估值和旧估值标记为何要求完全不同的投资测算口径。
敏感性分析使用 Forbes 2024 年 8 月 ARR 锚点,因为 Tanium 没有公开更新、经审计的 ARR。
[CV001, CV009, CV023, CV024, CV025, CV053]8.4 乐观、基准和悲观估值区间
情景框架应锚定公开证据,并明确缺什么。悲观情景假设 2024 年 Forbes 描述的收入画像增长不多,市场套用更接近 Tenable 或 Qualys 的成熟公开市场倍数,治理或安全悬置进一步扩大折扣。Tanium 因而落向约 $3 billion 到 $4 billion;这仍高于独角兽底线,但相对今天的二级市场式定价,上行有限。 基准情景假设 Tanium 大体维持 2024 年规模,盈利能力足以避免困境,并从 Atlas、ServiceNow 和政府粘性中收获一部分价值,但没有证明全面再加速。对应约 $4.5 billion 到 $6.0 billion,足够接近 Yahoo / Forge 估计,可以支持“合理”立场。乐观情景需要的不只是叙事。要支撑 $7.5 billion 到 $9.5 billion,Tanium 必须拿出更新后的 ARR 增长、可持续利润率,以及客户仍愿为平台支付溢价、而不是把端点管理视为可打包成本中心的证据。换句话说,旧的 $9 billion 框架是有条件上行情景,不是默认基准情景。[CV023, CV024, CV053, CV054, CV055]
| 情景 | 公开锚点 | 估值区间 | 概率信号 | 关键假设 | 主要下行 / 上行触发因素 |
|---|---|---|---|---|---|
| 悲观 | 陈旧的 ~$700M ARR 锚点;市场采用 ~4x-6x | $3.0B-$4.0B | 25% | ARR 增长极低,治理 / 产品包袱扩大折价,买方按增速更慢的成熟平台给 Tanium 定价。 | 刷新 ARR、利润率或优先权条款的尽调结论为负面。 |
| 基准 | 陈旧的 ~$700M ARR 锚点;市场采用 ~6x-8x | $4.5B-$6.0B | 50% | Tanium 大体守住 2024 年规模,维持盈利纪律,并逐步变现 Atlas / 合作伙伴粘性。 | 有适度增长证据,但看不到明确再加速。 |
| 乐观 | 陈旧的 ~$700M ARR 锚点叠加已证实再加速;市场采用 ~11x-14x | $7.5B-$9.5B | 25% | 刷新后的 ARR、利润率和留存确认,Tanium 仍配得上接近旧估值标记的后期平台溢价。 | 强劲的 2025-2026 KPI 披露和溢价倍数支撑。 |
| 概率加权观点 | 悲观 25% / 基准 50% / 乐观 25% | ~$4.9B-$5.4B | 100% | 中点偏向合理老股交易阵营,而不是旧融资轮阵营。 | 一旦私有指标或股权结构数据可得,判断会大幅变化。 |
情景区间是基于公开证据的估算,不是管理层指引。它们刻意使用 Forbes 2024 年的陈旧运营锚点,因为当前经审计的 Tanium KPI 并未公开。
[CV023, CV024, CV053, CV054, CV055]基准情景支撑集中在当前老股水平附近,而旧 $9B 框架更像上行情景,不像默认入场估值。
情景区间是基于公开证据的估计;可观察锚点线展示当前老股和旧估值档位的端点,不是实际中点交易。
[CV009, CV023, CV024, CV053, CV054, CV055]8.5 投资逻辑破裂、退出准备度与最终尽调问题
最大的估值风险不只是市场品类风险,也包括披露和治理风险。Howard v. Tanium 让员工股权估值做法继续留在尽调文件中,2026 年产品安全公告提醒投资人,即便平台已经规模化,执行风险仍重要。更关键的是,公开记录仍未回答决定普通股价值的问题:当前 ARR 和 NRR、毛利率、现金消耗、优先股堆叠,以及 2024-2026 年是否有任何二级交易实际接近公布估计成交。 这种不确定性也限制退出承销。Forbes 2024 年 8 月报道称,Tanium 对继续保持私有状态感到从容,并未把首次公开募股(IPO)放在优先事项,因此投资人不应假设近期流动性。建设性观点因此需要明确否决触发项:更新后 ARR 明显低于 2024 年锚点、优先股堆叠在当前二级区间附近吃掉价值,或更多治理 / 安全问题扩大折扣。在这些问题解决前,合理立场是把 Tanium 留在观察名单上,而不是把旧估值当作已有公开公司级披露那样支付。[CV019, CV020, CV021, CV057, CV059, CV060]
| 触发因素 | 阈值 | 如何传导到投资逻辑 | 行动含义 |
|---|---|---|---|
| 刷新后 ARR 令人失望 | 2025-2026 ARR 明显低于 2024 年公开 ~$700M 锚点 | 打破当前倍数框架,让老股交易估算看起来也过于慷慨。 | 下调至回避,或要求低得多的入场价格。 |
| 单位经济性偏弱 | NRR 或毛利率明显低于一流软件标准 | 拿掉相对成熟公开安全可比公司的所有溢价理由。 | 把估值转向悲观区间。 |
| 优先权包袱 | 股权结构瀑布显示,在 ~$4B-$5B 退出价位附近,普通股价值有限 | 把合理企业价值变成糟糕股权回报。 | 要求结构调整,或放弃。 |
| 治理 / 诉讼升级 | Howard 类治理问题扩大,或出现新的股权争议 | 扩大折价、伤害招聘,并削弱对内控的信心。 | 暂停投资,直到法律 / 治理补救清晰。 |
| 运营 / 安全包袱 | 核心模块出现重大产品安全问题,或修复缓慢 | 削弱平台溢价逻辑,伤害公共部门信任。 | 下调目标倍数,并收紧下行假设。 |
触发因素是可监控的尽调阈值,而不是泛泛风险;每一项都直接连到估值压缩或普通股受损。
[CV019, CV020, CV021, CV057, CV061, CV062]| 主题 | 缺失证据 | 重要性 | 负责人或尽调路径 |
|---|---|---|---|
| 当前收入质量 | 按主要产品家族拆分的 2025-2026 ARR、增长、NRR 和毛利率 | 区分合理老股交易与偏高溢价结果。 | CFO 数据室、董事会材料包,或经审计管理账。 |
| 资本结构 | 完全稀释股权结构表、优先股堆叠、任何反稀释棘轮条款和老股交易条款 | 决定在合理退出价格下,普通股价值能否存活。 | 法律 + 财务审查融资文件和 409A 材料。 |
| 现金充足性 | 现金余额、月度烧钱速度,以及招聘 / 云基础设施成本计划 | 避免为仍可能需要稀释性资本的业务付出高价。 | 财务控制团队现金桥接和运营计划审查。 |
| 客户耐久性 | 头部客户集中度、公共部门组合,以及按队列拆分的续约 / 扩张 | 检验政府和大型企业粘性是否真的支撑溢价倍数。 | 销售 / FP&A 队列切片和采购集中度审查。 |
| 流动性路径 | 要约历史、当前老股清算证据,以及 IPO / 出售准备材料 | 建议强度取决于资本如何现实回流。 | 董事会 / 银行材料,加上经纪老股交易数据。 |
这些要求是在高于当前老股交易式水平付价前的最低材料包。缺失项不是装饰;它们决定数十亿美元的标题估值是否真正可投。
[CV057, CV059, CV061, CV063]Tanium 在规模和市场相关性上得分强,但披露质量弱,当前估值清晰度也只是中等。
分数是 IC 风格的方向性评级,只基于保留的公开证据,不是统计模型。
[CV011, CV018, CV021, CV022, CV023, CV057]免责声明
本尽调报告由 AI 研究代理基于截至 2026-05-18 的公开来源生成。报告不构成投资建议,也不是买卖任何证券的邀约。Tanium 是私营公司,许多财务细节仍未披露;估值、收入规模和经营利润率讨论部分依赖二级市场报道和推断,而非经审计文件。做出投资或业务决策前,请自行开展独立尽调。
证据索引
| 编号 | 陈述 | 可信度 | 来源 |
|---|---|---|---|
| CO001 | Tanium was founded in 2007 by the father-and-son team of David Hindawi and Orion Hindawi. | 高 | SO019, SO021, SO023, SO026 |
| CO002 | CB Insights classifies Tanium as a late-stage private company in "Secondary Market | Alive" status. | 中 | SO023 |
| CO003 | Tanium’s current public positioning is an "Autonomous IT" platform spanning endpoint management, exposure management, and broader IT-security workflows. | 中 | SO001, SO023, SO024 |
| CO004 | Tanium launched Tanium Atlas on 2026-05-05 as an autonomous operating system layered on its broader platform. | 高 | SO009, SO028 |
| CO005 | Tanium says Atlas is powered by a data layer that covers more than 36 million endpoints worldwide. | 高 | SO009, SO028 |
| CO006 | Tanium publicly presents Best Buy and the United States Navy as reference customers. | 中 | SO016, SO017 |
| CO007 | Tanium explicitly markets its platform to U.S. federal government agencies. | 中 | SO018, SO011 |
| CO008 | Tanium’s current locations page labels Washington as the company’s headquarters. | 中 | SO015 |
| CO009 | The SEC Form D search page and CB Insights both surface Emeryville, California as Tanium’s business or headquarters address. | 高 | SO022, SO023 |
| CO010 | Publicly available sources conflict on whether Tanium’s primary headquarters should be treated as Washington or Emeryville. | 中 | SO015, SO022, SO023, SO025, SO026 |
| CO011 | Dan Streetman’s current Tanium bio and Yahoo Finance profile describe him as Tanium’s chief executive officer. | 中 | SO002, SO024 |
| CO012 | Tanium’s 2023 CEO transition announcement said Dan Streetman became CEO, Orion Hindawi became executive chairman, and David Hindawi became chairman emeritus. | 中 | SO020 |
| CO013 | Orion Hindawi’s current Tanium leadership biography still says he serves as chief executive officer. | 中 | SO003 |
| CO014 | David Hindawi’s current Tanium biography says he serves as executive chairman and previously founded BigFix. | 中 | SO004 |
| CO015 | Tanium’s own current public leadership materials are internally inconsistent about whether Dan Streetman or Orion Hindawi holds the CEO title. | 中 | SO002, SO003, SO020, SO021, SO024 |
| CO016 | Mark Fields joined Tanium’s board in September 2020 after previously serving as Ford’s CEO. | 高 | SO005, SO014, SO019 |
| CO017 | Tim Millikin is a TPG partner and a current Tanium board member. | 中 | SO007 |
| CO018 | Maggie Wilderotter’s Tanium biography highlights prior Fortune 500 and startup CEO experience. | 中 | SO006 |
| CO019 | Marc Levine is Tanium’s CFO and leads the company’s finance function and external financial relationships. | 中 | SO008, SO024 |
| CO020 | Tanium’s governance remains founder-concentrated because David and Orion Hindawi still hold senior leadership or board-adjacent roles after Streetman’s appointment. | 中 | SO003, SO004, SO020 |
| CO021 | Tanium’s 2020 funding announcement said the company completed the sale of an additional $150 million in common stock. | 高 | SO013, SO019 |
| CO022 | Business Insider reported that the October 2020 financing valued Tanium at more than $9 billion. | 中 | SO019, SO021 |
| CO023 | Business Insider reported that Tanium’s June 2020 Salesforce Ventures investment was $100 million at a $9 billion valuation. | 中 | SO019 |
| CO024 | Tanium said in 2020 that cumulative capital raised had exceeded $900 million. | 高 | SO013, SO019 |
| CO025 | CB Insights currently estimates Tanium’s total raised at $1.174 billion. | 中 | SO023 |
| CO026 | Public SEC records show Tanium filed Form D notices in 2009, 2010, 2011, 2014, 2015, 2017, 2018, and 2020. | 中 | SO022 |
| CO027 | Tanium’s disclosed or reported investor base includes Andreessen Horowitz, TPG, Salesforce Ventures, Fidelity, Baillie Gifford, and T. Rowe Price. | 中 | SO019, SO025, SO029 |
| CO028 | Tanium’s capital stack mixes traditional venture backers with crossover and public-market investors. | 中 | SO019, SO025 |
| CO029 | Forbes’ September 2025 company profile valued Tanium at $9 billion. | 中 | SO021 |
| CO030 | Forbes’ September 2025 company profile listed Tanium at approximately 2,000 employees. | 中 | SO021 |
| CO031 | Yahoo Finance’s private-company profile showed 1,001 full-time employees and a Forge price of $5.40 as of 2026-05-15. | 中 | SO024 |
| CO032 | ZoomInfo categorized Tanium as a 1K-5K employee business and estimated revenue at $378.1 million. | 低 | SO025 |
| CO033 | Public third-party sources do not converge on a single current Tanium headcount. | 中 | SO021, SO024, SO025 |
| CO034 | Tanium said in its 2023 CEO announcement that more than half of the Fortune 100 and the U.S. armed forces trust its platform. | 中 | SO020, SO032 |
| CO035 | Tanium’s 2023 FedRAMP release said the company supported five branches of the Department of Defense, civilian agencies, and more than 70% of the Fortune 100. | 中 | SO032 |
| CO036 | Tanium Cloud for U.S. Government received FedRAMP Moderate authorization in November 2023. | 高 | SO011, SO032 |
| CO037 | Tanium’s May 2026 ServiceNow solution integrates Tanium’s platform capabilities with ServiceNow CMDB, workflows, and AI agents. | 高 | SO010, SO027 |
| CO038 | Tanium’s public product language shifted from converged endpoint management (XEM) in 2023 toward Autonomous IT and an autonomous operating system in 2026. | 中 | SO020, SO009, SO010, SO028 |
| CO039 | Bloomberg-syndicated reporting in 2017 said Tanium used El Camino Hospital’s network in live demos without the hospital’s permission or knowledge. | 中 | SO030 |
| CO040 | Orion Hindawi publicly apologized in 2017 and said Tanium should have anonymized the hospital customer’s data better. | 中 | SO030 |
| CO041 | Syndicated 2017 reporting said former employees alleged Orion Hindawi fired some staff before their options vested, and Tanium denied any pattern or practice of that conduct. | 中 | SO029, SO033 |
| CO042 | The 2017 culture reporting framed the alleged pre-vesting firings as tied to preserving founder voting and board control. | 中 | SO029, SO033 |
| CO043 | In August 2024, the Ninth Circuit revived Daniel Howard’s fraudulent misrepresentation claim against Tanium over the value of RSUs in a compensation package. | 中 | SO031 |
| CO044 | The Ninth Circuit opinion said the plaintiff alleged Tanium presented the RSUs in his offer package as having a $5 current value. | 中 | SO031 |
| CO045 | The retained public sources do not disclose an exact current customer count for Tanium. | 低 | |
| CO046 | The retained public sources do not disclose a current ARR or revenue run-rate for Tanium. | 低 | |
| CO047 | The retained public sources do not disclose current ownership percentages or a full cap table for Tanium. | 低 | |
| CO048 | Streetman is the better-corroborated current operating CEO signal because the 2023 transition announcement, Forbes, and Yahoo align on his role while Orion Hindawi’s biography appears stale. | 中 | SO020, SO021, SO024, SO003 |
| CO049 | Tanium’s footprint is best treated as Washington-headquartered with a material Emeryville operating and mailing presence rather than a single uncontested location. | 中 | SO015, SO022, SO023, SO025, SO026 |
| CM001 | Tanium markets a single Autonomous IT Platform that unifies IT operations and security with AI and real-time intelligence. | 高 | SM001, SM002 |
| CM002 | Tanium's endpoint-management offering explicitly covers autonomous operations and comprehensive endpoint management. | 高 | SM002, SM005 |
| CM003 | Tanium's exposure-management offering emphasizes continuous vulnerability monitoring, real-time risk scoring, prioritization, and integrated remediation. | 高 | SM003, SM030 |
| CM004 | Tanium frames its platform as supporting IT operations and security workflows end to end rather than a single point function. | 高 | SM001, SM006 |
| CM005 | The product boundary relevant to Tanium includes endpoint management, asset discovery and inventory, exposure management, and workflow automation. | 高 | SM001, SM002, SM003, SM006, SM030 |
| CM006 | The main excluded spend buckets are pure MDM or MAM, network-only zero-trust tools, and standalone endpoint-protection suites when buyers are not consolidating control and remediation. | 中 | SM013, SM014, SM023, SM029 |
| CM007 | Mordor Intelligence estimates the unified endpoint management market at $8.85 billion in 2026 and $27.83 billion in 2031, a 25.74% CAGR. | 中 | SM008 |
| CM008 | The Business Research Company estimates the unified endpoint management market at $22.75 billion in 2026 and $70.42 billion in 2030, a 32.7% CAGR. | 中 | SM010 |
| CM009 | Technavio estimates the UEM market will expand by $11.365 billion from 2026 to 2030 at a 10.4% CAGR. | 中 | SM011 |
| CM010 | Grand View Research estimates the UEM market at $4.48 billion in 2022 growing to $21.79 billion by 2030 at a 22.4% CAGR. | 中 | SM009 |
| CM011 | Public UEM market baselines differ by more than 2x across firms, so any Tanium TAM must preserve multiple lenses rather than cite a single consensus figure. | 高 | SM008, SM009, SM010, SM011 |
| CM012 | Public endpoint-protection market baselines are also wide, ranging from a $6.31 billion 2026 EPP market in TBRC to a $21.64 billion 2026 EPP market in Fortune Business Insights. | 中 | SM013, SM014 |
| CM013 | Fortune Business Insights sizes exposure management at $5.08 billion in 2026 growing to $26.99 billion by 2034 at a 23.21% CAGR. | 中 | SM015 |
| CM014 | The Business Research Company sizes security and vulnerability management at $15.93 billion in 2026 growing to $24.05 billion in 2030 at a 10.3% CAGR. | 中 | SM017 |
| CM015 | Fortune Business Insights sizes attack surface management at $1.25 billion in 2026 and $5.00 billion by 2034. | 中 | SM018 |
| CM016 | A practical Tanium TAM is the overlap of UEM or control, asset inventory, and exposure-remediation budgets rather than the full endpoint-security or full cybersecurity market. | 高 | SM001, SM002, SM003, SM008, SM017 |
| CM017 | Applying Mordor's 71.62% large-enterprise revenue share to its 2026 UEM baseline yields an enterprise-heavy floor of about $6.34 billion before adding adjacent exposure budgets. | 中 | SM008 |
| CM018 | Applying the same enterprise-share logic to TBRC's 2026 UEM baseline yields a high-case enterprise control ceiling of about $16.29 billion. | 中 | SM008, SM010 |
| CM019 | Mordor says large enterprises held 71.62% of UEM revenue in 2025, indicating the market still skews toward complex organizations rather than SMB-first deployment. | 中 | SM008 |
| CM020 | Mordor says cloud deployment accounted for 60.42% of UEM revenue in 2025, signaling that buyers increasingly expect cloud-delivered control planes and faster policy rollout. | 中 | SM008 |
| CM021 | Both Mordor and Grand View show services growing quickly, implying buyers want implementation, integration, and ongoing optimization help rather than stand-alone licenses. | 高 | SM008, SM009 |
| CM022 | Microsoft Intune defines the default incumbent substitute as cloud-based endpoint management with automated policy deployment, compliance reporting, MDM or MAM, endpoint analytics, and autopatch. | 中 | SM029 |
| CM023 | Intune also integrates threat defense and automated remediation, meaning Tanium often competes against an expanding Microsoft control stack instead of a narrow MDM point tool. | 高 | SM002, SM003, SM029 |
| CM024 | NIST SP 800-124 treats centralized device management, endpoint protection technologies, asset management, and continuous monitoring as core enterprise mobile-security scope. | 中 | SM024 |
| CM025 | NIST SP 800-207 defines zero trust around users, assets, and resources instead of network location, reinforcing asset visibility and device posture as control points. | 中 | SM023 |
| CM026 | OMB M-22-09 makes federal zero-trust migration a formal government program, so device and asset control are budget-backed federal requirements rather than optional pilots. | 高 | SM019, SM022, SM023 |
| CM027 | CISA's Zero Trust Maturity Model is designed to help agencies build zero-trust strategies and implementation plans across five pillars and three cross-cutting capabilities. | 高 | SM019, SM022 |
| CM028 | CISA Cyber Hygiene offers no-cost vulnerability scanning and asset-awareness services to government and critical-infrastructure stakeholders. | 中 | SM020 |
| CM029 | CISA's KEV catalog is explicitly positioned as an input to vulnerability-management prioritization, which favors tools that connect asset context to remediation sequencing. | 高 | SM020, SM021 |
| CM030 | The proposed HIPAA Security Rule changes call for written technology asset inventory and network map requirements, raising the compliance value of asset discovery and endpoint control in healthcare. | 高 | SM026, SM027 |
| CM031 | HHS guidance ties HIPAA risk management to IT asset inventories and broader cybersecurity preparedness. | 高 | SM025, SM026 |
| CM032 | Verizon's 2026 DBIR says the most frequent breach causes still heavily involve the human element and exploitation of software vulnerabilities. | 中 | SM028 |
| CM033 | Tanium's ServiceNow integration is aimed at CMDB, workflows, and AI agents, showing that workflow orchestration and data-model integration are part of the buying thesis. | 高 | SM001, SM006 |
| CM034 | Tanium's state and local government and Carahsoft pages show public-sector buyers spanning state and local agencies, educational institutions, federal civilian agencies, and the U.S. military. | 高 | SM004, SM030 |
| CM035 | FedRAMP authorization reduces procurement friction for U.S. federal cloud programs and expands Tanium's reachable public-sector deployment envelope. | 高 | SM007, SM030 |
| CM036 | Carahsoft and Tanium frame asset discovery and inventory, endpoint management, incident response, and exposure management as one public-sector control plane. | 高 | SM001, SM004, SM030 |
| CM037 | Healthcare and life sciences are among the fastest-growing UEM verticals in Mordor and Grand View, matching the sector's rising regulatory emphasis on asset inventory and device security. | 高 | SM008, SM009, SM027 |
| CM038 | The market's fastest-growth signals come from adjacent exposure and attack-surface categories, which are growing faster than classic endpoint-protection baselines in public forecasts. | 高 | SM013, SM015, SM017, SM018 |
| CM039 | Tanium's most defensible serviceable wedge is regulated, heterogeneous, and operationally complex organizations that need real-time asset inventory, patching, exposure prioritization, and workflow automation across large endpoint estates. | 高 | SM002, SM003, SM006, SM022, SM027, SM030 |
| CM040 | The adoption path typically starts with one endpoint or security control problem but expands into cross-functional buying by CIO or endpoint teams, CISO or risk teams, ITSM owners, and procurement or compliance approvers. | 高 | SM006, SM020, SM026, SM029 |
| CM041 | Tanium's category convergence creates a go-to-market constraint because ownership can shift among endpoint management, security, IT operations, or modernization budgets. | 中 | SM001, SM003, SM006, SM029 |
| CM042 | Analyst category inflation and incumbent bundle overlap are the two main reasons a headline TAM can overstate Tanium's near-term serviceable opportunity. | 高 | SM008, SM010, SM011, SM029 |
| CP001 | Independent market commentary says endpoint management in 2026 has expanded beyond classic UEM into a converged mix of real-time visibility, AI-driven automation, vulnerability management, and security-operations integration. | 中 | SP024 |
| CP002 | Viewpoint Analysis groups Tanium, Ivanti Neurons, and Workspace ONE among the enterprise endpoint-management options, while cloud-native options such as Automox are positioned lower-friction for smaller or more distributed estates. | 中 | SP024 |
| CP003 | Tanium markets one autonomous IT platform for both IT operations and security workflows powered by AI and real-time intelligence. | 中 | SP001 |
| CP004 | Tanium positions its platform as a single unified layer that supports every step of IT operations and security workflows rather than as a point tool. | 中 | SP001 |
| CP005 | Tanium Cloud has FedRAMP authorization, which supports its credibility in public-sector and other regulated buying motions. | 中 | SP002 |
| CP006 | Microsoft Intune Plan 1 is priced at $8 per user per month and is included with Microsoft 365 E3, E5, F1, F3, and Business Premium plans. | 高 | SP003, SP015 |
| CP007 | Microsoft Intune Plan 2 adds $4 per user per month and Intune Suite adds $10 per user per month for advanced endpoint-management and security capabilities. | 中 | SP015 |
| CP008 | Microsoft documents Intune government service on Azure Government for GCC High and DoD, including IL4 and IL5 environments and broad major-OS support. | 中 | SP016 |
| CP009 | PeerSpot ranks Microsoft Intune #1 in UEM with 22.3% mindshare versus Tanium #7 with 6.6% mindshare as of May 2026. | 中 | SP011 |
| CP010 | PeerSpot reports 95% willingness-to-recommend for Intune versus 80% for Tanium. | 中 | SP011 |
| CP011 | Independent PeerSpot comparison commentary says Intune is more cost-effective and easier to deploy in the cloud, while Tanium is stronger on real-time data collection and deep visibility. | 中 | SP011 |
| CP012 | SelectHub says Intune is strongest for Microsoft-heavy environments, while Tanium stands out for fast patch deployment and real-time control across large and complex estates. | 中 | SP012 |
| CP013 | Ivanti Neurons for UEM manages iOS, Android, macOS, Windows, ChromeOS, and IoT devices from a single pane of glass. | 中 | SP004 |
| CP014 | Ivanti markets real-time asset discovery, natural-language querying, and AI-powered self-healing or self-securing endpoint automation. | 中 | SP004 |
| CP015 | Ivanti’s federal page says agencies can use FedRAMP-certified solutions in on-premises, cloud-based, or hybrid deployment models. | 中 | SP005 |
| CP016 | CrowdStrike Falcon for IT adds risk-based patching, script execution across Windows, macOS, and Linux, and Charlotte AI natural-language queries. | 中 | SP006 |
| CP017 | CrowdStrike Falcon Exposure Management uses a single agent plus active, passive, and third-party discovery to expose endpoint, cloud, network, OT/IoT, and shadow-AI risks without complex scanning infrastructure. | 中 | SP017 |
| CP018 | CrowdStrike positions its exposure-management workflow around minute-level feedback and automated remediation, showing how security-led products are expanding into Tanium-adjacent operational territory. | 中 | SP017 |
| CP019 | SentinelOne positions Singularity as one enterprise-wide platform spanning endpoint, cloud, and identity protection and response. | 中 | SP018 |
| CP020 | SentinelOne markets vulnerability management as agent-based and scan-less, with deployment in minutes and real-time prioritization. | 中 | SP007 |
| CP021 | SentinelOne’s federal page says the Singularity platform is available as FedRAMP High SaaS in AWS GovCloud and can also be deployed on-premises or air-gapped. | 中 | SP019 |
| CP022 | HCL BigFix says it manages 155M+ endpoints, supports 120+ operating systems, offers 630,000+ Fixlets, and delivers more than 98% first-pass patch success. | 高 | SP008, SP025 |
| CP023 | HCL self-reports that BigFix was named a Leader in Gartner’s 2026 Magic Quadrant for Endpoint Management. | 中 | SP009 |
| CP024 | Workspace ONE UEM emphasizes multi-tenant architecture, low-touch remote onboarding, automation, conditional access, and automated patch management across major operating systems. | 中 | SP020 |
| CP025 | Workspace ONE explicitly markets public-sector and regulated references, including police and healthcare organizations. | 中 | SP020 |
| CP026 | NinjaOne’s Tanium-alternatives page positions NinjaOne as a 100% cloud-based alternative that is faster to deploy and easier to manage than Tanium. | 中 | SP021 |
| CP027 | Retained NinjaOne sources say the company serves 35,000+ customers in 140+ countries and packages endpoint management, autonomous patching, backup, and remote access in one console. | 中 | SP021, SP025 |
| CP028 | NinjaOne and PeerSpot both frame Tanium as more complex and more expensive to stand up than simpler cloud-native alternatives. | 高 | SP021, SP022 |
| CP029 | PeerSpot’s alternatives page says CrowdStrike, SentinelOne, Qualys, and NinjaOne all compete with Tanium using easier deployment or lower setup-cost positioning. | 中 | SP022 |
| CP030 | Slashdot’s Automox, Intune, and Tanium comparison describes Automox as cloud-native and infrastructure-light while showing Tanium as supporting both web-based and on-premises deployment models. | 中 | SP014 |
| CP031 | Automox publicly lists OS patching at $1 per endpoint per month annually, with higher tiers adding third-party patching, automation policies, multi-organization management, and remote control. | 中 | SP010 |
| CP032 | Atera’s Tanium-alternatives page publishes per-technician pricing and uses AI-heavy messaging to position itself as a lower-friction alternative to Tanium. | 低 | SP023 |
| CP033 | SourceForge’s alternatives page says NinjaOne combines endpoint management, autonomous patching, backup, and remote access and repeats a 98% customer-satisfaction claim. | 中 | SP025 |
| CP034 | SourceForge’s alternatives page describes Qualys TruRisk as continuous, always-on visibility with built-in prioritization, patching, and flexible sensor or appliance deployment. | 中 | SP025 |
| CP035 | SourceForge’s alternatives page describes Atera as an all-in-one agentic AI IT platform with 13K+ customers and autonomous tier-1 issue resolution. | 中 | SP025 |
| CP036 | SourceForge’s alternatives page describes BigFix as unified endpoint and infrastructure management with AI-driven automation and real-time vulnerability remediation. | 中 | SP013, SP025 |
| CP037 | Retained public sources consistently distinguish Tanium because its lightweight-agent architecture returns live endpoint query results in seconds rather than scheduled scan windows. | 高 | SP001, SP014, SP024 |
| CP038 | Viewpoint Analysis says real-time versus scheduled data architecture is now a primary selection criterion for buyers focused on incident response, compliance, and vulnerability triage. | 中 | SP024 |
| CP039 | Viewpoint Analysis says Automox is particularly well suited to cloud-first or hybrid environments that need cross-platform patching without traditional on-premises infrastructure. | 中 | SP024 |
| CP040 | Viewpoint Analysis says Workspace ONE remains widely deployed but buyers should factor post-Broadcom licensing and support changes into current evaluations. | 中 | SP024 |
| CP041 | Intune’s inclusion in Microsoft suites plus repeated independent cost-effectiveness commentary creates a bundle floor that compresses Tanium in Microsoft-standardized accounts. | 中 | SP011, SP012, SP015 |
| CP042 | Tanium faces competition on three fronts at once: bundled UEM, enterprise endpoint incumbents, and security-first exposure or remediation platforms. | 中 | SP022, SP024, SP025 |
| CP043 | Retained sources indicate Tanium and BigFix remain strongest in large, regulated, or operationally complex environments, while NinjaOne, Automox, and Atera skew toward lower-friction cloud delivery. | 中 | SP010, SP021, SP023, SP024 |
| CP044 | The practical substitute set for Tanium is often a mixed stack of bundled UEM, patching, and security tools rather than another single platform that reproduces all of Tanium’s functions. | 中 | SP022, SP024, SP025 |
| CP045 | Independent comparison pages expose more packaging detail for Intune and Automox than for Tanium, reinforcing that Tanium remains a quote-led enterprise purchase rather than a public-list-price product. | 中 | SP010, SP013, SP015 |
| CP046 | Retained review and competitor sources repeatedly place Tanium in the large-enterprise, mature-team segment rather than in SMB or lightweight IT operations use cases. | 中 | SP012, SP021, SP023 |
| CI001 | Public Tanium packaging spans Core, Endpoint Management, Risk & Compliance, and Incident Response solution areas. | 高 | SI008, SI009 |
| CI002 | AWS Marketplace sells an annual 1,500-endpoint Tanium bundle containing Core Plus, Endpoint Management Plus, Risk & Compliance Plus, and Incident Response. | 高 | SI008, SI009 |
| CI003 | The North Carolina procurement filing dated April 1, 2025 applies a 2,000-endpoint minimum to most Tanium modules and appliances. | 中 | SI008 |
| CI004 | Core Plus carries a $34.20 North Carolina contract price per endpoint versus a $38 list price. | 中 | SI008 |
| CI005 | Endpoint Management Plus carries a $19.80 North Carolina contract price per endpoint versus a $22 list price. | 中 | SI008 |
| CI006 | Risk & Compliance Plus carries a $12.15 North Carolina contract price per endpoint versus a $13.50 list price. | 中 | SI008 |
| CI007 | Incident Response carries a $12.15 North Carolina contract price per endpoint versus a $13.50 list price. | 中 | SI008 |
| CI008 | Threat Response carries a $17.10 North Carolina contract price per endpoint, while Patch 2 is $6.53 and Asset is $4.37 at North Carolina contract pricing. | 中 | SI008 |
| CI009 | Appliance hardware still sells at North Carolina contract prices from $28,800 for small units to $111,360 for x-large units, plus maintenance renewals. | 中 | SI008 |
| CI010 | AWS states Tanium pricing is contract-duration based and may incur additional AWS infrastructure costs. | 中 | SI009 |
| CI011 | Independent 2024-2025 sources place Tanium at roughly $700 million revenue or ARR scale. | 高 | SI002, SI004 |
| CI012 | Forbes reported free cash flow margins above 10% and EBITDA profitability in August 2024. | 中 | SI002 |
| CI013 | Forbes reported cloud ARR near $300 million, nearly half of total ARR, growing 40% year over year. | 中 | SI002 |
| CI014 | Forbes reported Tanium secures 32 million employee devices and penetrates seven of the ten largest U.S. retailers plus eight of the ten largest commercial banks. | 中 | SI002 |
| CI015 | Forbes company coverage listed Tanium at a $9 billion valuation, roughly $1.1 billion raised, and 2,000 employees as of September 2025. | 中 | SI003 |
| CI016 | Yahoo Finance or Forge estimated Tanium's valuation at $4.26 billion as of May 15, 2026. | 中 | SI005 |
| CI017 | Yahoo or Forge shows the last public funding mark as a June 25, 2020 Series H of $150 million at a $9 billion post-money valuation. | 高 | SI004, SI005 |
| CI018 | Latka updated on Nov. 26, 2025 reports 2024 revenue of $700 million and total funding of roughly $1.1 billion. | 中 | SI004 |
| CI019 | Latka also reports roughly 2.3 thousand employees and 2.5 thousand customers as of 2026. | 中 | SI004 |
| CI020 | Post-May-2024 public evidence still supports Tanium being worth far more than $1 billion, with visible public markers spanning $4.26 billion to $9 billion between May 2026 and September 2025. | 高 | SI003, SI004, SI005 |
| CI021 | The 2026 Forrester TEI press release says a composite 48,000-endpoint enterprise achieved 235% ROI, $20.1 million of benefits, and payback in under six months. | 中 | SI007 |
| CI022 | The same TEI study reported 75% lower MTTR, 95% greater workstation patching efficiency, 70% productivity improvement, and 80% software reclamation by year three. | 中 | SI007 |
| CI023 | Carahsoft lists Tanium on NASA SEWP V through Sept. 30, 2026 and Army ITES-SW2 through Aug. 30, 2030, plus state and education vehicles extending to 2028. | 中 | SI010 |
| CI024 | Tanium Cloud for U.S. Government is marketed as FedRAMP Moderate, fully managed by Tanium, and zero-infrastructure for agencies. | 高 | SI011, SI013 |
| CI025 | Public Tanium materials identify the U.S. military or armed forces as a customer base, and Tanium's DoD brief says the platform is trusted by six branches of the U.S. Armed Forces. | 高 | SI003, SI012 |
| CI026 | Tanium's federal guidance materials emphasize that the platform is sold both cloud and on-prem and is used for vulnerability response, compliance, and zero-trust programs. | 高 | SI011, SI013 |
| CI027 | The Tanium plus Microsoft DoD brief positions the joint stack as a way to improve Microsoft 365 E5 value, zero-trust enforcement, and remediation on critical managed networks. | 中 | SI014 |
| CI028 | Public headcount proxies place Tanium above 2,000 employees by late 2025. | 高 | SI003, SI004, SI019 |
| CI029 | Revelio estimates 2,539 employees as of December 2025, up 4.5% year over year. | 中 | SI019 |
| CI030 | Revelio says active job postings rose to 196 in 2025 from 96 in 2024, up 68.5%. | 中 | SI019 |
| CI031 | Unify says Sales and Support (~705) and Engineering (~598) are Tanium's two largest functions and that the company spans 19 locations. | 中 | SI020 |
| CI032 | ZoomInfo lists Tanium revenue at $378.1 million. | 低 | SI021 |
| CI033 | Public revenue proxies conflict materially because Forbes and Latka point to roughly $700 million scale while ZoomInfo lists $378.1 million. | 中 | SI002, SI004, SI021 |
| CI034 | TrustRadius reviews describe Tanium as expensive, complex to learn, and sometimes high in CPU usage. | 中 | SI022 |
| CI035 | AWS Marketplace external reviews likewise praise real-time visibility but repeatedly cite high cost, complexity, and training burden. | 中 | SI009 |
| CI036 | Tanium's public security advisory index shows a steady stream of 2025-2026 advisories, including a high-severity local privilege-escalation notice and multiple information-disclosure and SQL-injection fixes. | 高 | SI015, SI017 |
| CI037 | TAN-2026-008 disclosed that sensitive data including sessions and API tokens could be inserted into logs, and Tanium advised credential and token rotation. | 高 | SI016, SI017 |
| CI038 | OpenCVE lists multiple 2025-2026 Tanium CVEs, including a 7.8 high-severity local privilege escalation in Patch Endpoint Tools and a 6.3 SQL injection in Asset. | 高 | SI015, SI017 |
| CI039 | In August 2024 the Ninth Circuit reversed and remanded Daniel Howard's fraudulent-misrepresentation claim alleging Tanium misstated RSU fair market value during recruiting. | 中 | SI018 |
| CI040 | Forbes' 2024 profile also recounted earlier executive turnover and employee-relations controversy, leaving a governance overhang even as operations improved. | 中 | SI002, SI018 |
| CI041 | Combining the public roughly $700 million revenue proxy with 2,000-2,539 employee proxies implies roughly $276,000-$350,000 revenue per employee. | 高 | SI002, SI003, SI019 |
| CI042 | The mix of appliance SKUs, on-prem federal deployment material, and FedRAMP cloud offerings indicates Tanium remains a hybrid delivery model rather than a pure SaaS vendor. | 高 | SI008, SI011, SI012 |
| CI043 | No cited public source in this chapter discloses Tanium's current gross margin, net revenue retention, cash balance, burn rate, runway, or customer concentration. | 高 | SI002, SI003, SI004, SI005 |
| CI044 | SEC EDGAR and Mutual Funds Search are the official public filing channels for tracing any mutual-fund or issuer filing breadcrumbs behind private-market marks. | 高 | SI024, SI025 |
| CI045 | TrustRadius' pricing scrape says Tanium has four plans starting at $8.99 with no free trial, but that metadata is much weaker than government procurement price lists. | 低 | SI008, SI023 |
| CI046 | Summing the North Carolina prices for Core Plus, Endpoint Management Plus, Risk & Compliance Plus, and Incident Response implies a public-sector software proxy of about $78.30 per endpoint per year before term or volume adjustments. | 高 | SI008, SI009 |
| CI047 | That North Carolina-derived four-module proxy implies roughly $117,000 of annual software spend at 1,500 endpoints or roughly $157,000 at the 2,000-endpoint procurement minimum, before infrastructure, services, or partner add-ons. | 高 | SI008, SI009 |
| CI048 | Public funding totals also conflict materially because Yahoo or Forge shows $470.94 million total raised while Forbes and Latka show about $1.1 billion. | 中 | SI003, SI004, SI005 |
| CE001 | Tanium positions the Autonomous IT Platform as a single platform that unifies IT operations and security around AI and real-time endpoint intelligence. | 高 | SE001, SE024 |
| CE002 | Public AWS Marketplace listings describe Tanium Autonomous Endpoint Management as spanning Core, Endpoint Management, Risk & Compliance, and Incident Response. | 中 | SE018, SE019 |
| CE003 | Tanium Core is described as providing patented real-time data, comprehensive endpoint visibility, a trusted single source of truth, and automation hooks into third-party systems such as ServiceNow and Microsoft. | 中 | SE018, SE019 |
| CE004 | Tanium Endpoint Management is described as a cross-platform lifecycle tool for provisioning, patching, third-party software deployment, policy enforcement, performance monitoring, and issue investigation across on-prem and cloud endpoints. | 中 | SE018, SE019 |
| CE005 | Tanium Risk & Compliance is described as ingesting vulnerability, compliance-configuration, and sensitive-data findings across millions of assets and supporting runtime SBOM generation. | 中 | SE018, SE019 |
| CE006 | Tanium Incident Response is described as taking operators from incident detection to remediation in one tool while augmenting existing EDR and SIEM systems. | 中 | SE018, SE019 |
| CE007 | Tanium markets Patch as a standalone capability for simplifying and accelerating patch management and compliance. | 高 | SE003, SE024 |
| CE008 | Tanium's autonomous endpoint management guide frames AEM as a workflow-automation category for both security and IT teams rather than only a point patching feature. | 中 | SE005 |
| CE009 | Tanium's official architecture materials say its patented endpoint communications model gives fast visibility and control and scales to millions of endpoints without additional infrastructure. | 高 | SE006, SE007 |
| CE010 | Tanium's architecture paper says legacy hub-and-spoke tools often break down beyond tens of thousands of endpoints and can require days or weeks to push critical patches. | 中 | SE007 |
| CE011 | The same paper says Tanium's linear-chain architecture shifts most traffic onto low-latency LAN paths and reduces direct endpoint-to-server traffic across the WAN. | 中 | SE007 |
| CE012 | In Tanium's own bandwidth example, distributing a 100 GB package to 10,000 endpoints falls from roughly 10,000 off-chain connections and 3.72 TB to about 100 off-chain connections and 37.2 GB when 100 endpoints participate in each chain. | 中 | SE007 |
| CE013 | Tanium says the same architecture disseminates queries and actions in seconds across on-prem, cloud, and million-endpoint environments. | 中 | SE007 |
| CE014 | Tanium's public developer surface includes a developer portal, API onboarding, technology-partner benefits, and a developer community. | 高 | SE008, SE009 |
| CE015 | The public GitHub organization exposes four repositories, including a Tanium fork of Azure Sentinel content updated on 2026-05-18 and octobot updated on 2026-05-08. | 中 | SE015, SE016 |
| CE016 | Tanium's public octobot repository focuses on GitHub, Slack, and Jira workflow automation, which is useful as developer signal but also suggests the public code surface is ancillary rather than core product infrastructure. | 中 | SE015, SE016 |
| CE017 | Microsoft's Tanium Data Connector for Azure Sentinel depends on the Tanium Connect module and Azure Logs Ingestion Workspaces, indicating the published Microsoft integration is log-pipeline oriented. | 中 | SE017 |
| CE018 | ServiceNow's Tanium Service Graph Connector expects Tanium Cloud asset views and writes CMDB CI and software-install records into ServiceNow. | 中 | SE013 |
| CE019 | The ServiceNow connector authenticates to Tanium Cloud with API tokens and implements token auto-rotation, which improves isolation but creates an operational dependency on per-instance token hygiene. | 中 | SE013 |
| CE020 | The ServiceNow connector guide says Tanium clients make outbound TCP connections to port 17472 on the Tanium Cloud instance. | 中 | SE013 |
| CE021 | Tanium Cloud for US Government is listed on the FedRAMP Marketplace as FedRAMP Certified, Class C (Moderate), Rev5, package FR2110342613. | 高 | SE012, SE010 |
| CE022 | Tanium's own FedRAMP announcement says Tanium Cloud for U.S. Government was authorized at the Moderate Impact Level for U.S. government and federal organizations. | 高 | SE010, SE012 |
| CE023 | Public AWS and ServiceNow materials show Tanium operating across both Tanium Cloud and on-prem patterns rather than only a single SaaS deployment model. | 中 | SE013, SE019 |
| CE024 | The public Tanium advisory portal shows 2026 issues spanning Tanium Server, Threat Response, Interact, Discover, Asset, TanOS, and Patch Endpoint Tools. | 高 | SE025, SE028 |
| CE025 | TAN-2026-004 and NVD both identify CVE-2026-2435 as a medium-severity SQL injection issue in Tanium Asset with a base score of 6.3. | 高 | SE026, SE027 |
| CE026 | Tanium and NVD both say CVE-2026-2435 could let an authenticated user with Asset Report Write permission read, create, or modify Asset database objects beyond intended access. | 高 | SE026, SE027 |
| CE027 | Tanium Atlas launched in May 2026 as an autonomous operating system meant to move one operator from intent to outcome in a governed experience. | 中 | SE020, SE021 |
| CE028 | Atlas is described as dynamically generating pages and using ambient agents to surface relevant data, visualizations, and actions before the user has to ask. | 中 | SE020, SE021 |
| CE029 | Atlas is described as running on a curated ensemble of models from OpenAI, Anthropic, Google and others, with Tanium exposing endpoint context through open APIs and MCP. | 中 | SE020, SE021 |
| CE030 | Tanium says Atlas is grounded in telemetry from more than 36 million endpoints worldwide. | 中 | SE020, SE021 |
| CE031 | Channel Insider reported that Tanium's 2026 Converge roadmap linked new AI features back to the company's linear-chain architecture and single unified platform. | 中 | SE029, SE007 |
| CE032 | Channel Insider describes Tanium Ask as Tanium's first agentic AI experience for data discovery, software management, dashboard summarization, embedded documentation, and security triage. | 中 | SE029 |
| CE033 | Channel Insider says the Tanium AI Agent for ServiceNow pulls real-time endpoint intelligence into Now Assist workflows and can trigger actions such as rebooting a device or uninstalling software from chat. | 中 | SE029, SE022 |
| CE034 | SiliconANGLE reports that the joint ServiceNow-Tanium solution is designed to automate endpoint patching and remediation. | 中 | SE022, SE029 |
| CE035 | PeerSpot reviewers credit Tanium with strong inventory management, patch management, real-time queries, and threat hunting. | 中 | SE023 |
| CE036 | PeerSpot reviewers also complain about integration gaps, unclear UI, SaaS-deployment friction, patching complexity, and policy timing issues. | 中 | SE023 |
| CE037 | AWS Marketplace's embedded external reviews show a 4.4 out of 5 score from 54 ratings, but those same reviews flag steep learning curve, high cost, configuration complexity, and possible CPU impact during heavy scanning or patching. | 中 | SE019 |
| CE038 | GetApp's May 2026 overview says Tanium supports environments from thousands to millions of endpoints and unifies management and security around real-time endpoint intelligence and AI. | 中 | SE024 |
| CE039 | GetApp gives Tanium a 4.2 out of 5 overall rating and positions it as a better fit for mid-market and enterprise environments than smaller buyers. | 中 | SE024 |
| CE040 | ServiceNow's app store includes a dedicated Tanium SDK listing, showing that Tanium is productizing workflow integration instead of relying only on ad hoc connectors. | 中 | SE014, SE013 |
| CU001 | Tanium’s customer page says the platform is used by 50% of the Fortune 100. | 中 | SU001 |
| CU002 | Tanium’s customer page says 4 of 5 top U.S. banks use the platform. | 中 | SU001 |
| CU003 | Tanium’s current customer and federal pages both say the platform is deployed across all 6 U.S. Armed Forces branches. | 高 | SU001, SU009 |
| CU004 | Tanium’s federal page says the platform is trusted by major federal civilian agencies. | 中 | SU009 |
| CU005 | The public customer surface spans pharma, insurance, manufacturing, consumer goods, municipal government, public utility, and real-estate services accounts. | 中 | SU001, SU024 |
| CU006 | Tanium’s public customer surface highlights 95% patching-efficiency improvement, 70% productivity improvement, and 75% MTTR reduction as headline customer outcome markers. | 高 | SU001, SU011 |
| CU007 | Business Wire says a commissioned 2026 Forrester TEI study found 235% ROI and $20.1 million in total benefits over three years for a composite enterprise using Tanium. | 高 | SU010, SU011 |
| CU008 | Public deployment-scale proofs include AstraZeneca at roughly 125,000 endpoints, Zurich at more than 100,000, JLL at nearly 90,000, and City of Phoenix at more than 20,000. | 中 | SU002, SU004, SU005, SU013 |
| CU009 | No fetched public Tanium source disclosed an exact active-customer count or segment revenue mix. | 中 | SU001, SU014, SU016 |
| CU010 | The buyer-user pattern in public proofs combines CISO or CIO sponsorship with endpoint, patching, and security-operations teams as daily users. | 中 | SU002, SU003, SU004, SU005, SU013 |
| CU011 | AstraZeneca publicly identifies itself as a Tanium customer using the platform alongside ServiceNow and Microsoft to keep IT systems and research operations running. | 中 | SU002, SU024 |
| CU012 | AstraZeneca’s Tanium case study says the company has more than 89,000 employees, operations in over 100 countries, and about 125,000 endpoint devices. | 中 | SU002 |
| CU013 | AstraZeneca says a Tanium-supported ground-patching program fell from a full week to 10 minutes and that Tanium detected Log4j vulnerabilities with zero disruptions. | 中 | SU002 |
| CU014 | City of Phoenix’s Tanium case study says the city manages more than 20,000 endpoints and employs more than 14,000 people. | 中 | SU004, SU024 |
| CU015 | City of Phoenix says Tanium reduced its patching cycle by 75%. | 中 | SU004 |
| CU016 | Zurich’s Tanium case study says the insurer manages more than 100,000 endpoints worldwide. | 中 | SU005, SU024 |
| CU017 | Zurich says automated patching built on Tanium saves up to 100 resource hours a month. | 中 | SU005 |
| CU018 | Whirlpool says Tanium gave it a single platform to discover, manage, and act on endpoint issues across the environment. | 中 | SU007, SU001 |
| CU019 | Whirlpool says devices out of compliance with policy fell from roughly 5–10% to less than 1% almost overnight after deployment. | 中 | SU007 |
| CU020 | Colgate-Palmolive says Tanium gives it deeper endpoint visibility, more current data, and tighter collaboration between security and IT operations. | 中 | SU003, SU024 |
| CU021 | Metropolitan Water District says its Tanium-Microsoft integration improved mean time to respond to potential risks by up to 20%. | 中 | SU008, SU001 |
| CU022 | Microsoft says JLL used Tanium and Microsoft Defender for Endpoint across nearly 90,000 endpoints in more than 80 countries. | 高 | SU013, SU001 |
| CU023 | Microsoft says JLL reduced cybersecurity spending by 20% by consolidating vendors and using Tanium with Defender for Endpoint. | 高 | SU013, SU001 |
| CU024 | ABB Electrification Americas estimates a 14x ROI on its initial Tanium investment and says it saved hundreds of thousands of person-hours. | 中 | SU006, SU001 |
| CU025 | The highest-quality public Tanium proofs all come from very large, distributed, or regulated estates rather than small single-site environments. | 中 | SU002, SU004, SU005, SU013 |
| CU026 | Tanium’s customer-success hub plus FeaturedCustomers show an active reference program, but the public named set is still a curated sample rather than a random slice of the install base. | 中 | SU022, SU024 |
| CU027 | Tanium’s federal page explicitly maps the offering to EO 14028, KEV remediation under BOD 22-01, BOD 23-01 asset visibility, NIST 800-53, CMMC 2.0, and CDM. | 中 | SU009 |
| CU028 | Tanium’s federal page says the platform is deployed extensively across the U.S. Armed Forces and major federal agencies. | 中 | SU009 |
| CU029 | A Tanium federal-page testimonial quotes former U.S. Marine Corps deputy CIO Renata Spinks saying Tanium was foundational to network modernization because real-time asset certainty is critical. | 中 | SU009 |
| CU030 | Business Wire’s FedRAMP announcement says Tanium technology supported five Department of Defense branches, civilian agencies, and more than 70% of the Fortune 100 at the time of authorization. | 中 | SU012 |
| CU031 | Tanium Cloud for U.S. Government is listed on the current FedRAMP Marketplace, corroborating that Tanium still maintains a federal cloud listing rather than only a historical authorization announcement. | 高 | SU012, SU015 |
| CU032 | Carahsoft’s Tanium contracts page lists current GSA MAS, NASA SEWP V, ITES-SW2, CDM, NASPO, and Texas DIR access paths. | 中 | SU014 |
| CU033 | Texas DIR contract DIR-CPO-5687 is active, directly purchasable, and usable by state and local governments, public education, and other public entities through 2031. | 高 | SU014, SU016 |
| CU034 | Carahsoft’s Tanium case-study page names the State of Arizona, Navy cyber defenders, and a government agency replacing BigFix as featured public-sector stories. | 中 | SU023 |
| CU035 | The public-sector motion is procurement- and compliance-led: FedRAMP, contract vehicles, and mandate mapping reduce friction before public customer outcomes appear. | 高 | SU009, SU014, SU015, SU016 |
| CU036 | TrustRadius gives Tanium a 9.2 out of 10 score across 30 reviews. | 中 | SU018 |
| CU037 | TrustRadius reviewers describe Tanium as expensive and note that the dashboard and support experience can be improved. | 中 | SU018 |
| CU038 | PeerSpot shows Tanium at 3.9 out of 5 with 22 reviews and 80% willing to recommend. | 中 | SU019 |
| CU039 | PeerSpot reviewers say Tanium integrations are not simple, require experienced implementers, and can take three or four days for some policies to reflect. | 中 | SU019 |
| CU040 | AWS Marketplace reviews portray Tanium as strong on real-time visibility and scripting scale but also expensive and complex to manage. | 中 | SU017 |
| CU041 | SoftwareReviews reports 93 likelihood to recommend, 99 plan to renew, 88 satisfaction of cost relative to value, and 83% positive sentiment for Tanium. | 中 | SU020 |
| CU042 | Gartner’s Tanium product page shows both favorable and critical end-user reviews, with steep learning curve plus pricing and implementation issues visible in the review titles. | 中 | SU025 |
| CU043 | None of the fetched public sources disclosed Tanium’s NRR, GRR, gross churn, or exact active customer count. | 中 | SU001, SU018, SU019, SU020, SU025 |
| CU044 | Public durability therefore has to be inferred from review sentiment, repeat-use outcomes, and procurement stickiness rather than from company-disclosed revenue-retention data. | 中 | SU017, SU018, SU020, SU025, SU015 |
| CU045 | The clearest public expansion pattern is Tanium plus Microsoft: AstraZeneca, JLL, and Metropolitan Water District all describe Tanium as the operational layer alongside Microsoft tooling. | 中 | SU002, SU008, SU013 |
| CU046 | Public proofs show Tanium sitting at the intersection of security operations, endpoint operations, and procurement rather than inside a single narrow buyer persona. | 中 | SU002, SU003, SU004, SU005, SU013, SU016 |
| CU047 | Because public proof is concentrated in Fortune 100 firms, top banks, and public agencies, Tanium’s public customer story supports premium enterprise fit but also suggests meaningful large-account concentration risk. | 中 | SU001, SU009, SU014, SU016 |
| CU048 | Complexity, implementation effort, and pricing are the clearest public switching or expansion frictions across independent review surfaces. | 中 | SU017, SU018, SU019, SU020, SU025 |
| CU049 | No fetched public source disclosed top-customer concentration, segment ARR mix, contract-length distribution, or renewal cohorts for Tanium. | 中 | SU001, SU014, SU016, SU018, SU019, SU020 |
| CU050 | The most defensible public land-and-expand thesis is deeper standardization inside already large estates through automation, partner integrations, and compliance-sensitive workloads—not greenfield SMB logo volume. | 中 | SU002, SU004, SU005, SU006, SU013 |
| CU051 | Tanium refreshed its main customers page on 2026-05-08 and its federal-government page on 2026-05-12, indicating that the flagship reference surface was current at the run date. | 高 | SU001, SU009 |
| CR001 | The Ninth Circuit reversed summary judgment for Tanium in Daniel Howard's fraudulent-misrepresentation suit and remanded the case for further proceedings in August 2024. | 中 | SR009 |
| CR002 | Howard's claim centered on whether Tanium represented 30,000 RSUs as having a current fair market value of $5 per share when recruiting him away from Fortinet in 2016. | 中 | SR009, SR010 |
| CR003 | A June 2025 Daubert order says the Howard matter still had a jury trial scheduled for July 15, 2025, showing the dispute persisted through mid-2025. | 中 | SR010, SR011 |
| CR004 | PacerMonitor shows the Howard case was ultimately terminated in November 2025 after a stipulation to dismiss with prejudice was filed. | 中 | SR012 |
| CR005 | The Howard litigation indicates that Tanium's historical equity-compensation communications created enough factual dispute to survive appeal and proceed toward trial before later dismissal. | 中 | SR009, SR010, SR012 |
| CR006 | QuickVault sued Tanium in the Western District of Texas on November 7, 2023 for alleged patent infringement tied to Tanium's XEM platform. | 中 | SR013, SR014 |
| CR007 | QuickVault's complaint asserted seven patents against Tanium and multiple enterprise end users, expanding IP exposure beyond the vendor itself. | 中 | SR013, SR014 |
| CR008 | PatSnap reports the QuickVault matter was dismissed without prejudice on July 10, 2024, so the asserted patents were not adjudicated on the merits and could be refiled. | 中 | SR014 |
| CR009 | Tanium's public security-advisory index lists at least ten 2026 advisories by mid-May 2026 across server, client, Interact, Asset, and other modules. | 中 | SR001 |
| CR010 | TAN-2026-012 says Tanium Server could let an authenticated user with administrator or downloader-auth write permission retrieve remote-source download credentials. | 中 | SR002, SR015 |
| CR011 | TAN-2026-011 says Threat Response could let a user with 'Threat Response Configs - Read' permission gain read-only access to data they should not access. | 中 | SR003, SR016 |
| CR012 | TAN-2026-010 says an authenticated user with 'Write Filter Group' permission could trigger a denial-of-service condition against the Interact workbench. | 中 | SR004 |
| CR013 | TAN-2026-009 says malicious cryptographic content could enable local privilege escalation on systems running the Tanium Client. | 中 | SR005, SR017 |
| CR014 | TAN-2026-008 says TDS logs could expose sessions and API tokens, and Tanium advised customers to review logs, rotate tokens, and invalidate sessions if access was compromised. | 中 | SR006, SR018 |
| CR015 | TAN-2026-004 says SQL injection in Asset could let an authenticated user with Asset Report Write permission read, create, or modify objects beyond intended access. | 中 | SR007, SR019 |
| CR016 | TAN-2026-003 says insecure file permissions in the Enforce Recovery Key Portal could allow local read-only access to restricted data. | 中 | SR008, SR020 |
| CR017 | The clustering of 2026 advisories across multiple Tanium modules implies a continuing patch-management and validation burden for customers running the broader suite. | 中 | SR001, SR002, SR003, SR005, SR006, SR007, SR008 |
| CR018 | PeerSpot reviews say users see unclear interfaces, network-related issues, cumbersome patching, delayed policy application, and documentation gaps. | 中 | SR026 |
| CR019 | PeerSpot also says Tanium is often priced materially above alternatives, with some users calling it two to two-and-a-half times more expensive. | 中 | SR026 |
| CR020 | TrustRadius reviewers call Tanium pricing expensive, say reporting and dashboards need improvement, and report occasional high CPU utilization issues. | 中 | SR027 |
| CR021 | The TrustRadius BigFix comparison says Tanium's site configuration and access control can be cumbersome. | 中 | SR032 |
| CR022 | The same TrustRadius comparison says Tanium's ring topology can create associated-node failure if a central hub fails. | 中 | SR032 |
| CR023 | TrustRadius also says some customers view Tanium's on-prem operating model as pushing maintenance responsibility back onto the buyer, with support quality having declined since initial deployment. | 中 | SR032 |
| CR024 | SelectHub says getting Tanium running can be difficult because setup is intricate and requires specialized knowledge. | 中 | SR031 |
| CR025 | SelectHub says Tanium's endpoint footprint can be resource-intensive and that the product is best suited to large enterprises with deep budgets and experienced security teams. | 中 | SR031 |
| CR026 | Carahsoft lists Tanium on NASA SEWP V through September 30, 2026, ITES-SW2 through August 2030, California's CMAS through August 2028, and Maryland's software contract through September 2027. | 中 | SR021 |
| CR027 | NASA says the SEWP V ordering period itself is extended through September 30, 2026 with option periods into April 2027. | 中 | SR022 |
| CR028 | Forbes identifies Bank of America, Best Buy, and the U.S. military as Tanium customers. | 中 | SR023 |
| CR029 | Yahoo says Tanium serves top retailers, commercial banks, and federal organizations and manages millions of endpoints. | 中 | SR024 |
| CR030 | Frontier's interview with Tanium's public-sector CIO says government cybersecurity procurement is complicated by budget constraints, staffing issues, and uneven organizational maturity. | 中 | SR025 |
| CR031 | Frontier also says lower levels of government often lack budget for adequate cybersecurity tooling and need more automation and shared standards. | 中 | SR025 |
| CR032 | Taken together, Tanium's public contract-vehicle exposure and its own public-sector commentary point to long procurement cycles and sensitivity to budget-driven federal demand. | 中 | SR021, SR022, SR025 |
| CR033 | PeerSpot's May 2026 CrowdStrike comparison says Tanium had 2.3% EPP mindshare versus CrowdStrike's 6.2% and 80% willingness-to-recommend versus 97% for CrowdStrike. | 中 | SR028 |
| CR034 | The same PeerSpot comparison says Tanium's deployment can be slower because on-prem implementation is more time-consuming than CrowdStrike's cloud-based setup. | 中 | SR028 |
| CR035 | PeerSpot's BigFix comparison says BigFix had 97% willingness-to-recommend versus 80% for Tanium and flags Tanium pricing complexity, interface clarity, scaling, and network-optimization complaints. | 中 | SR029 |
| CR036 | Comparitech says CrowdStrike brings broader cloud security coverage while Tanium is positioned as a mix of endpoint management and security products. | 中 | SR030 |
| CR037 | Yahoo says Tanium has deepened integration with Microsoft Intune and ServiceNow, which can improve stickiness but also increases exposure to platform partners that may bundle adjacent functions. | 中 | SR024 |
| CR038 | Channel Insider says Tanium is expanding from core endpoint management into mobile, OT, ServiceNow AI agents, and Tanium Ask. | 中 | SR033 |
| CR039 | NAND Research says Tanium AEM relies on real-time recommendations, confidence scores, phased deployment rings, and low-code automation to reduce change risk. | 中 | SR034 |
| CR040 | SANS frames Tanium's AEM pitch around hybrid IT complexity, manual-process limits, and a single-agent architecture intended to become a shared source of truth. | 中 | SR035 |
| CR041 | Yahoo says Tanium faces intense competition from vendors such as Tenable, Palo Alto Networks, and CrowdStrike as it pivots toward AI-driven autonomous endpoint management. | 中 | SR024 |
| CR042 | Channel Insider says Tanium is aiming for autonomous IT rather than just point security, which widens the execution surface the company must deliver across multiple endpoint types and workflows. | 中 | SR033, SR034 |
| CR043 | Public sources do not disclose exact top-customer concentration, federal revenue mix, or attach rates for new AI features, leaving concentration and monetization sensitivity unresolved. | 中 | SR021, SR023, SR024 |
| CR044 | Public risk signals cluster around one pattern: Tanium's product breadth can be valuable in large estates, but the same breadth raises implementation complexity, patching burden, and close-rate pressure in competitive RFPs. | 中 | SR026, SR027, SR028, SR029, SR031, SR032 |
| CR045 | Tanium's public advisories show some mitigation maturity because the company publishes affected versions, fixed versions, and operational remediation steps such as credential rotation and session invalidation. | 中 | SR002, SR006, SR007, SR008 |
| CR046 | The underwriting issue is less whether Tanium has growth paths than whether it can turn AI and autonomous-operations messaging into measurably simpler deployments before competitors compress price and bundle advantage. | 中 | SR028, SR029, SR031, SR033, SR034, SR035, SR036 |
| CV001 | Forbes reported in August 2024 that Tanium’s annual recurring revenue had passed $700 million. | 中 | SV001 |
| CV002 | Forbes reported in August 2024 that Tanium’s free-cash-flow margins were north of 10%. | 中 | SV001 |
| CV003 | Forbes reported in August 2024 that Tanium was profitable on an EBITDA basis. | 中 | SV001 |
| CV004 | Forbes reported in August 2024 that Tanium’s newer cloud business represented about $300 million of ARR and was growing 40% year over year. | 中 | SV001 |
| CV005 | Forbes reported in August 2024 that Tanium’s software was securing 32 million employee devices. | 中 | SV001 |
| CV006 | Forbes’ September 2025 company profile listed Tanium at a $9 billion valuation. | 中 | SV002 |
| CV007 | Forbes’ September 2025 company profile said Tanium had raised $1.1 billion and employed 2,000 people. | 中 | SV002 |
| CV008 | Yahoo Finance’s Forge-backed private-company page showed a May 15, 2026 Forge price of $5.40 for Tanium. | 中 | SV003, SV004 |
| CV009 | Yahoo Finance’s Forge-backed private-company page estimated Tanium’s valuation at $4.26 billion in May 2026. | 中 | SV003 |
| CV010 | Yahoo Finance’s funding-history page showed Tanium’s latest disclosed primary round as a $150 million Series H at a $9 billion post-money valuation on June 25, 2020. | 中 | SV003 |
| CV011 | Business Wire and Morningstar carried Tanium’s May 2026 Atlas launch claim that the platform captures signals across more than 36 million endpoints worldwide. | 中 | SV005, SV006 |
| CV012 | Business Wire and Morningstar carried Tanium’s May 2026 Atlas launch claim that Tanium was a 2026 Gartner endpoint-management leader. | 中 | SV005, SV006 |
| CV013 | Tanium’s FedRAMP release said Tanium Cloud for U.S. Government obtained FedRAMP Moderate authorization. | 中 | SV010 |
| CV014 | Tanium’s ServiceNow release said Tanium’s autonomous IT capabilities were integrated with ServiceNow CMDB, workflows, and AI agents. | 中 | SV011 |
| CV015 | North Carolina’s April 2025 price list showed Tanium Core Plus at a $34.20 NC price with a 2,000-endpoint minimum. | 中 | SV007 |
| CV016 | North Carolina’s April 2025 price list showed Endpoint Management Plus at $19.80 and both Risk & Compliance Plus and Incident Response at $12.15 with the same 2,000-endpoint minimum. | 中 | SV007 |
| CV017 | AWS Marketplace sold a Tanium annual subscription bundle for 1,500 endpoints spanning Core, Endpoint Management, Risk & Compliance, and Incident Response. | 中 | SV008 |
| CV018 | Carahsoft listed Tanium on NASA SEWP V through September 2026 and ITES-SW2 through August 2030. | 中 | SV009 |
| CV019 | In Howard v. Tanium, the Ninth Circuit revived Daniel Howard’s fraud claim over Tanium’s stock-value representations. | 中 | SV012 |
| CV020 | The Howard opinion described Howard’s allegation that Tanium represented his RSUs at $5 per share while a 409A valuation was $2.01 per share. | 中 | SV012 |
| CV021 | Tanium’s 2026-008 advisory said a medium-severity vulnerability could expose sensitive information including sessions and API tokens in TDS logs. | 中 | SV013 |
| CV022 | Forbes’ August 2024 article, Forbes’ September 2025 profile, and Yahoo Finance’s May 2026 Forge estimate together place Tanium between $4.26 billion and $9 billion after May 2024, clearly above the $1 billion unicorn floor. | 高 | SV001, SV002, SV003 |
| CV023 | Using Forbes’ August 2024 $700 million ARR anchor and Yahoo Finance’s $4.26 billion May 2026 estimate, Tanium’s implied valuation-to-ARR proxy is about 6.1x. | 中 | SV001, SV003 |
| CV024 | Using the same $700 million ARR anchor and Forbes’ September 2025 $9 billion profile mark, Tanium’s implied valuation-to-ARR proxy is about 12.9x. | 中 | SV001, SV002 |
| CV025 | Using Yahoo Finance’s $4.26 billion estimate against the 2020 $9 billion round implies a markdown of roughly 53%. | 中 | SV003 |
| CV026 | CompaniesMarketCap put CrowdStrike’s market capitalization at $157.51 billion in May 2026. | 中 | SV014 |
| CV027 | CrowdStrike’s fiscal 2026 Form 10-K reported total revenue of $4.812 billion. | 中 | SV015 |
| CV028 | CrowdStrike’s May 2026 market-cap-to-revenue proxy was about 32.7x. | 中 | SV014, SV015 |
| CV029 | CompaniesMarketCap put SentinelOne’s market capitalization at $5.98 billion in May 2026. | 中 | SV016 |
| CV030 | SentinelOne’s fiscal 2026 Form 10-K reported revenue of $1.0013 billion. | 中 | SV017 |
| CV031 | SentinelOne’s May 2026 market-cap-to-revenue proxy was about 6.0x. | 中 | SV016, SV017 |
| CV032 | CompaniesMarketCap put Tenable’s market capitalization at $2.54 billion in May 2026. | 中 | SV018 |
| CV033 | Tenable’s 2025 Form 10-K said revenue grew from $900.0 million to $999.4 million. | 中 | SV019 |
| CV034 | Tenable’s May 2026 market-cap-to-revenue proxy was about 2.5x. | 中 | SV018, SV019 |
| CV035 | CompaniesMarketCap put Qualys’ market capitalization at $3.45 billion in May 2026. | 中 | SV020 |
| CV036 | Qualys’ 2025 Form 10-K said revenue increased to $669.1 million in 2025. | 中 | SV021 |
| CV037 | Qualys’ May 2026 market-cap-to-revenue proxy was about 5.2x. | 中 | SV020, SV021 |
| CV038 | CompaniesMarketCap put Palo Alto Networks’ market capitalization at $200.76 billion in May 2026. | 中 | SV022 |
| CV039 | Palo Alto Networks’ fiscal 2025 Form 10-K reported total revenue of $9.2 billion. | 中 | SV023 |
| CV040 | Palo Alto Networks’ May 2026 market-cap-to-revenue proxy was about 21.8x. | 中 | SV022, SV023 |
| CV041 | CNBC reported that NinjaOne crossed $500 million in annualized recurring revenue by January 2026 with nearly 70% year-over-year growth. | 中 | SV024 |
| CV042 | NinjaOne’s February 2025 funding extension added $500 million at a $5 billion valuation. | 中 | SV025 |
| CV043 | NinjaOne’s disclosed valuation-to-ARR proxy was about 10x around early 2026. | 中 | SV024, SV025 |
| CV044 | Reuters reported in March 2024 that Axonius raised $200 million at a $2.6 billion valuation. | 中 | SV026 |
| CV045 | Reuters reported that Axonius had already surpassed $100 million ARR in 2023 and was still growing revenue at a double-digit annual rate in 2024. | 中 | SV026 |
| CV046 | Forbes said Axonius was projected to cross $200 million ARR in 2025 and had more than 670 customers. | 中 | SV027 |
| CV047 | Using Forbes’ >$200 million ARR projection, Axonius’ disclosed valuation-to-ARR proxy was about 13x or lower. | 中 | SV027, SV026 |
| CV048 | Wiz said it raised $1 billion at a $12 billion valuation in May 2024. | 中 | SV028 |
| CV049 | CNBC separately reported that Wiz’s May 2024 round valued the company at $12 billion after a $1 billion raise. | 中 | SV029 |
| CV050 | Forbes said Wiz was already more than halfway to its $1 billion ARR goal after the 2024 raise. | 中 | SV030 |
| CV051 | Using more than $500 million ARR as a floor, Wiz’s 2024 valuation implied a sub-24x ARR multiple. | 中 | SV028, SV029, SV030 |
| CV052 | Tanium’s current 6.1x proxy sits close to SentinelOne and Qualys, above Tenable, and far below CrowdStrike and Wiz-style premium multiples. | 中 | SV003, SV014, SV015, SV016, SV017, SV018, SV019, SV020, SV021, SV028, SV029, SV030 |
| CV053 | Tanium’s legacy 12.9x proxy looks rich versus SentinelOne, Qualys, and Tenable, and only looks comfortable if Tanium still deserves a private-platform premium. | 中 | SV001, SV002, SV016, SV017, SV018, SV019, SV020, SV021 |
| CV054 | A public-evidence bear range of roughly $3.0 billion to $4.0 billion is consistent with applying about 4x-6x to the stale $700 million ARR anchor and discounting governance and security overhang. | 中 | SV001, SV003, SV012, SV013, SV018, SV019, SV020, SV021 |
| CV055 | A public-evidence base range of roughly $4.5 billion to $6.0 billion is consistent with 6x-8x on the same $700 million anchor and lines up with the current secondary estimate plus modest growth. | 中 | SV001, SV003, SV005, SV009 |
| CV056 | A public-evidence bull range of roughly $7.5 billion to $9.5 billion requires refreshed ARR growth, durable margins, and proof that Atlas and partner integrations preserve a premium multiple. | 低 | SV001, SV002, SV005, SV011 |
| CV057 | The most material missing inputs for valuation underwriting are current ARR, NRR, gross margin, cash burn, and the full preference waterfall. | 中 | SV001, SV002, SV003, SV004 |
| CV058 | Forbes’ 2024 profile, Forbes’ 2025 profile, Yahoo’s 2026 secondary mark, Atlas’ 2026 endpoint scale, and public pricing evidence together support the conclusion that Tanium remains a scaled late-stage private cyber platform rather than a sub-unicorn asset. | 高 | SV001, SV002, SV003, SV005, SV007 |
| CV059 | Public evidence supports a track / research-more recommendation because valuation support exists at secondary levels, but the company has not refreshed the financial disclosures needed to underwrite upside with confidence. | 中 | SV001, SV002, SV003, SV004, SV012 |
| CV060 | Public evidence supports a fair-at-secondary and stretched-at-legacy valuation stance. | 中 | SV001, SV002, SV003, SV014, SV015, SV016, SV017, SV018, SV019, SV020, SV021 |
| CV061 | Any constructive thesis breaks if refreshed ARR is materially below the 2024 $700 million anchor or if the preference stack leaves limited common-equity value near the current secondary range. | 中 | SV001, SV003, SV012 |
| CV062 | Governance litigation and current product advisories mean Tanium still carries non-fundamental discount risk that can widen valuation pressure even if core operations remain solid. | 中 | SV012, SV013 |
| CV063 | Forbes reported in August 2024 that Tanium felt comfortable remaining private and did not treat an IPO as top of mind. | 中 | SV001 |
| 编号 | 出版方 | 标题 | 引文 |
|---|---|---|---|
| SO001 | Tanium | About | Tanium | Tanium delivers Autonomous IT. With real-time endpoint intelligence and control, IT & Security leaders can make their organizations unstoppable. |
| SO002 | Tanium | Dan Streetman | Tanium | Dan Streetman serves as Tanium’s chief executive officer and as a member of the company’s board of directors. |
| SO003 | Tanium | Orion Hindawi | Tanium | Orion Hindawi co-founded Tanium in 2007 and serves as its Chief Executive Officer. |
| SO004 | Tanium | David Hindawi | Tanium | David Hindawi co-founded Tanium in 2007 and serves as the Executive Chairman. |
| SO005 | Tanium | Mark Fields | Tanium | Mark Fields served as president and CEO of Ford Motor Company and was a member of the company’s board of directors from 2014-2017. |
| SO006 | Tanium | Maggie Wilderotter | Tanium | Maggie Wilderotter is a seasoned executive who, as CEO, has led both Fortune 500 companies and start-ups in her career. |
| SO007 | Tanium | Tim Millikin | Tanium | Tim Millikin is a Partner at TPG, a leading global alternative asset management firm, and a Tanium board member. |
| SO008 | Tanium | Marc Levine | Tanium | As Chief Financial Officer, Marc Levine leads Tanium’s global finance team and finance-related operational functions. |
| SO009 | Tanium | Tanium Introduces Tanium Atlas to Transform IT and Security Operations for the Age of AI | Tanium | New autonomous operating system brings real-time intelligence, guidance and action together in one experience. |
| SO010 | Tanium | Tanium Combines Forces with ServiceNow to Deliver New Autonomous IT Solution Powered by Industry-Leading Platforms | Tanium | Organizations gain greater insight and enforcement across IT environments through integration of Tanium’s Autonomous IT Platform capabilities with ServiceNow CMDB, workflows and AI agents. |
| SO011 | Tanium | Tanium Cloud Obtains FedRAMP Authorization | Tanium | Tanium today announced it has furthered its dedication to the protection of the U.S. government and other federal organizations through FedRAMP with the authorization of Tanium Cloud for U.S. Government at the Moderate Impact Level. |
| SO012 | Tanium | Tanium Announces a Partnership with Salesforce to Reimagine Employee Service Management | Tanium | |
| SO013 | Tanium | Tanium Announces $150 Million Funding Round Sparked by Major Industry Partnerships | Tanium | Tanium today announced that it has completed the sale of an additional $150 million in common stock. |
| SO014 | Tanium | Former Ford Motor Company CEO Mark Fields Joins the Board of Directors of Tanium | Tanium | |
| SO015 | Tanium | Tanium locations | Tanium | |
| SO016 | Tanium | Best Buy | Tanium | Discover how Tanium and Microsoft provide retail giant Best Buy with an integrated security solution that consolidates data for better visibility and control. |
| SO017 | Tanium | United States Navy | Tanium | |
| SO018 | Tanium | Autonomous IT for federal government agencies | Tanium | Tanium supports IT security and operations for U.S. Federal Government Agencies so they can accomplish their mission. |
| SO019 | Business Insider | Tanium, the fast-growing cybersecurity startup backed by Salesforce Ventures, raised $150 million in new funding that brings its valuation over $9 billion | Tanium announced it has raised $150 million in new funding this week, giving it a valuation of “over” $9 billion. |
| SO020 | Business Wire | Tanium Appoints Dan Streetman as Chief Executive Officer | Orion Hindawi, who is the co-founder and current CEO of Tanium, will assume the role of executive chairman. |
| SO021 | Forbes | Tanium | Company Overview & News | Now valued at $9 billion, the Emeryville, California-based firm has raised $1.1 billion and employs 2,000 people. |
| SO022 | Securities and Exchange Commission | EDGAR Search Results | Mailing Address 2100 POWELL STREET, SUITE 300 EMERYVILLE CA 94608. |
| SO023 | CB Insights | Tanium - Products, Competitors, Financials, Employees, Headquarters Locations | Founded Year 2007 ... Stage Secondary Market | Alive ... Total Raised $1.174B. |
| SO024 | Yahoo Finance | Tanium (TANI.PVT) company profile and facts - Yahoo Finance | Forge Price as of May 15, 2026 ... Full Time Employees: 1,001. |
| SO025 | ZoomInfo | Tanium - Overview, News & Similar companies | ZoomInfo.com | Headquarters 3550 Carillon Pt, Kirkland, Washington ... Revenue $378.1 Million ... Tanium has 1K - 5K employees. |
| SO026 | Wikipedia | Tanium | Tanium is a privately held cybersecurity and systems management company founded in 2007 with headquarters in Kirkland, Washington, and its operations center in Emeryville, California. |
| SO027 | SiliconANGLE | Tanium and ServiceNow launch joint solution to automate endpoint patching and remediation - SiliconANGLE | |
| SO028 | Morningstar | Tanium Introduces Tanium Atlas to Transform IT and Security Operations for the Age of AI | Across more than 36 million endpoints worldwide, Tanium captures a comprehensive range of endpoint signals at high fidelity, in real time. |
| SO029 | Inc. | The CEO of This $3.7 Billion Startup Allegedly Fired Employees Right Before Their Stock Options Vested | The most remarkable claim in Bloomberg’s story is an allegation that Hindawi kept tabs on the employees who had chunks of stock options and fired some of them right before their stock vested. |
| SO030 | Health Data Management | Tanium CEO apologizes for exposing hospital network in sales events - Health Data Management | When pitching its security technology to potential customers, Tanium sales staff used the internal corporate network of El Camino Hospital for live demos without the hospital’s permission or knowledge. |
| SO031 | Justia | DANIEL HOWARD V. TANIUM, INC., No. 23-15451 (9th Cir. 2024) | Plaintiff Daniel Howard sued Defendant Tanium, Inc., for fraudulent misrepresentation. |
| SO032 | Business Wire | Tanium Cloud Obtains FedRAMP Authorization | Tanium Cloud for U.S. Government received authorization at the Moderate Impact Level, and Tanium technology currently supports five branches of the Department of Defense, civilian agencies, and more than 70% of the Fortune 100 companies. |
| SO033 | Yahoo Finance UK | The CEO of a $3.7 billion startup is accused of firing employees right before their stock options vest, report says | The most remarkable allegation in Bloomberg’s story is that Hindawi kept tabs on employees who had chunks of stock options and fired some right before their stock vested. |
| SM001 | Tanium | Tanium Autonomous IT Platform | |
| SM002 | Tanium | Endpoint Management Solutions and Security Platform | |
| SM003 | Tanium | Vulnerability exposure management and compliance solutions | |
| SM004 | Tanium | Autonomous IT for state & local government agencies | |
| SM005 | Tanium | Ultimate Guide to Autonomous Endpoint Management | |
| SM006 | Tanium | Tanium Combines Forces with ServiceNow to Deliver New Autonomous IT Solution Powered by Industry-Leading Platforms | |
| SM007 | Tanium | Tanium Cloud Obtains FedRAMP Authorization | |
| SM008 | Mordor Intelligence | Unified Endpoint Management Market Size, Trends, Share & Industry Forecast 2031 | |
| SM009 | Grand View Research | Unified Endpoint Management Market Size Report, 2030 | |
| SM010 | The Business Research Company | Unified Endpoint Management Market Report 2026 | |
| SM011 | Technavio | Unified Endpoint Management (UEM) Market Growth Analysis - Size and Forecast 2026-2030 | |
| SM012 | MarketsandMarkets | Unified Endpoint Management Market Size, Share, Trends and Industry Analysis | |
| SM013 | Fortune Business Insights | Endpoint Protection Platform Market Share, Size, Trend, 2034 | |
| SM014 | Grand View Research | Endpoint Protection Platforms Market | Industry Report, 2030 | |
| SM015 | Fortune Business Insights | Exposure Management Market Share, Size, Trend, 2034 | |
| SM016 | MarketsandMarkets | Security and Vulnerability Management Market Report 2025-2030, by Solution, Geo, Tech | |
| SM017 | The Business Research Company | Security and Vulnerability Management Market Report 2026 | |
| SM018 | Fortune Business Insights | Attack Surface Management Market Size, Share | Growth [2034] | |
| SM019 | CISA | Zero Trust Maturity Model | |
| SM020 | CISA | Cyber Hygiene Services | |
| SM021 | CISA | Known Exploited Vulnerabilities Catalog | |
| SM022 | Office of Management and Budget | M-22-09 Federal Zero Trust Strategy | |
| SM023 | NIST | SP 800-207, Zero Trust Architecture | |
| SM024 | NIST | SP 800-124 Rev. 2, Guidelines for Managing the Security of Mobile Devices in the Enterprise | |
| SM025 | HHS | The Security Rule | |
| SM026 | HHS | Security Rule Guidance Material | |
| SM027 | U.S. Government Publishing Office | HIPAA Security Rule To Strengthen the Cybersecurity of Electronic Protected Health Information | |
| SM028 | Verizon Business | 2026 Data Breach Investigations Report (DBIR) | |
| SM029 | Microsoft | What is Microsoft Intune | |
| SM030 | Carahsoft | Tanium | Carahsoft | |
| SP001 | Tanium | Tanium Autonomous IT Platform | Tanium | |
| SP002 | Tanium | Tanium Cloud Obtains FedRAMP Authorization | Tanium | |
| SP003 | Microsoft | Microsoft Intune—Endpoint Management | Microsoft Security | |
| SP004 | Ivanti | Unified Endpoint Management Solutions | Ivanti | |
| SP005 | Ivanti | U.S. Federal Government IT Solutions for MDM, ITSM & UEM | Ivanti | |
| SP006 | CrowdStrike | Falcon for IT: Unified, AI-powered IT Automation | CrowdStrike | |
| SP007 | SentinelOne | Singularity Vulnerability Management | SentinelOne | |
| SP008 | HCLSoftware | Endpoint Management Platform | AI-Powered HCL BigFix | |
| SP009 | HCLSoftware | HCLSoftware Named a Leader in 2026 Gartner® Magic Quadrant™ for Endpoint Management | |
| SP010 | Automox | Automox Pricing | Automated Patching, Configuration, and Control | |
| SP011 | PeerSpot | Microsoft Intune vs Tanium comparison | |
| SP012 | SelectHub | Intune vs Tanium | Which Unified Endpoint Management Tools Wins In 2026? | |
| SP013 | SourceForge | HCL BigFix vs. Microsoft Intune vs. Tanium Comparison | |
| SP014 | Slashdot | Compare Automox vs. Microsoft Intune vs. Tanium in 2026 | |
| SP015 | Microsoft | Microsoft Intune Plans and Pricing | |
| SP016 | Microsoft Learn | Microsoft Intune Government Service overview | |
| SP017 | CrowdStrike | CrowdStrike Falcon Exposure Management | |
| SP018 | SentinelOne | SentinelOne Singularity Platform | |
| SP019 | SentinelOne | Federal Government Cybersecurity | SentinelOne | |
| SP020 | VMware / Omnissa | Workspace ONE UEM | |
| SP021 | NinjaOne | Top Tanium Competitors & Alternatives in 2026 | |
| SP022 | PeerSpot | Tanium Alternatives and Competitors | |
| SP023 | Atera | Top 7 Tanium alternatives for endpoint management in 2026 | |
| SP024 | Viewpoint Analysis | Endpoint Management Software Options 2026 | |
| SP025 | SourceForge | Alternatives to Tanium | |
| SI001 | Tanium | About | Tanium | |
| SI002 | Forbes | Tanium Was Once Security’s Hottest Startup. Now, It’s Back Talking A Big Game. | |
| SI003 | Forbes | Tanium | Company Overview & News | |
| SI004 | Latka | Tanium Revenue 2024: $700M ARR, $8.9B Valuation | |
| SI005 | Yahoo Finance | Tanium (TANI.PVT) Valuation, History & News - Yahoo Finance | |
| SI006 | Yahoo Finance | Tanium (TANI.PVT) company profile and facts - Yahoo Finance | |
| SI007 | Business Wire | Tanium Autonomous IT Platform Delivered 235% ROI, According to Recent Study | |
| SI008 | North Carolina Department of Information Technology | Tanium Price List | |
| SI009 | Amazon Web Services | AWS Marketplace: Tanium Inc On-Prem | |
| SI010 | Carahsoft | Tanium Government IT Procurement Contracts | Carahsoft | |
| SI011 | Tanium | Tanium Cloud for U.S. Government | |
| SI012 | Tanium | Tanium for the U.S. Department of Defense | |
| SI013 | Tanium | Reducing IT risk for the U.S. Federal Government | |
| SI014 | Tanium | Tanium + Microsoft integration in the U.S. Department of Defense | |
| SI015 | Tanium Security Advisories | All Advisories - Tanium Security Advisories | |
| SI016 | Tanium Security Advisories | 2026-008 - Tanium Security Advisories | |
| SI017 | OpenCVE | Tanium CVEs and Security Vulnerabilities | |
| SI018 | Justia | DANIEL HOWARD V. TANIUM, INC., No. 23-15451 (9th Cir. 2024) | |
| SI019 | Revelio Labs | How many employees work at Tanium? | Revelio Labs | |
| SI020 | Unify | Employee Data and Trends for Tanium | Unify | |
| SI021 | ZoomInfo | Tanium - Overview, News & Similar companies | ZoomInfo.com | |
| SI022 | TrustRadius | Tanium Reviews & Ratings 2026 | TrustRadius | |
| SI023 | TrustRadius | Tanium Pricing 2026 | |
| SI024 | U.S. Securities and Exchange Commission | SEC.gov | Search Filings | |
| SI025 | U.S. Securities and Exchange Commission | SEC.gov | Mutual Funds Search | |
| SE001 | Tanium | Tanium Autonomous IT Platform | Tanium | Accelerate decision-making agility by unifying IT operations and security on a single platform, driven by AI and real-time intelligence. |
| SE002 | Tanium | Endpoint Management Solutions and Security Platform | Tanium | Accelerate decision agility and save costs with autonomous operations, integrated IT and security, and comprehensive endpoint management. |
| SE003 | Tanium | Tanium Patch | Tanium | Simplify and accelerate patch management and compliance. |
| SE004 | Tanium | Vulnerability exposure management and compliance solutions | Tanium | Strengthen resilience through continuous vulnerability monitoring, real-time risk scoring and prioritization, and integrated remediation. |
| SE005 | Tanium | Ultimate Guide to Autonomous Endpoint Management | This primer on autonomous endpoint management and modern automation explores what AEM entails, how it helps security and IT teams, and how to choose the right automation tool. |
| SE006 | Tanium | Tanium communication architecture | Tanium | Tanium’s patented endpoint communications architecture provides quick visibility and control across your network's endpoints and can help to scale millions of endpoints without requiring additional infrastructure. |
| SE007 | Tanium | Tanium communication architecture PDF | Tanium’s communication architecture provides real-time visibility and actionability at any scale. |
| SE008 | Tanium Developer Portal | Tanium Developer Portal | Leverage the Tanium APIs to develop management, security and risk solutions. |
| SE009 | Tanium Developer Portal | Introduction to Tanium APIs | Introduction to Tanium APIs. |
| SE010 | Tanium | Tanium Cloud Obtains FedRAMP Authorization | Tanium | Tanium Cloud for U.S. Government (TC-USG) at the Moderate Impact Level. |
| SE011 | Tanium | Tanium Cloud | Tanium | Tanium Cloud. |
| SE012 | FedRAMP Marketplace | Tanium Cloud for US Government (TC-USG) | FedRAMP Marketplace | FedRAMP Certified. Class C (Moderate). |
| SE013 | ServiceNow Community | Tanium Service Graph Connector | Your ServiceNow Instance will be authenticating to your Tanium Cloud Instance using Token based Authentication. |
| SE014 | ServiceNow Store | Tanium SDK - ServiceNow Store | Tanium SDK - ServiceNow Store. |
| SE015 | GitHub | Tanium | Showing 4 of 4 repositories. |
| SE016 | GitHub | GitHub - tanium/octobot: github bot with slack and jira integration | Octobot wants to make your github and slack lives better by triggering more directed pull request notifications. |
| SE017 | Azure / GitHub | Azure-Sentinel Tanium Data Connector README | The Tanium Data Connector deploys the required resources to your Azure instance to enable sending data from Tanium to Sentinel via Logs Ingestion Workspaces. |
| SE018 | AWS Marketplace | AWS Marketplace: Tanium Inc Cloud | Tanium Autonomous Endpoint Management (AEM) leverages real-time insights from Tanium-managed endpoints to recommend and automate endpoint changes safely and at scale. |
| SE019 | AWS Marketplace | AWS Marketplace: Tanium Inc On-Prem | The Tanium AEM Platform spans across four solution areas: Core, Endpoint Management, Risk & Compliance, and Incident Response. |
| SE020 | Help Net Security | Tanium Atlas aims to accelerate threat response in the AI era | Tanium Atlas runs on a curated ensemble of leading AI models from OpenAI, Anthropic, Google and others. |
| SE021 | BusinessWire | Tanium Introduces Tanium Atlas to Transform IT and Security Operations for the Age of AI | Across more than 36 million endpoints worldwide, Tanium captures a comprehensive range of endpoint signals at high fidelity, in real time and exposes them through open APIs and MCP. |
| SE022 | SiliconANGLE | Tanium and ServiceNow launch joint solution to automate endpoint patching and remediation | Tanium and ServiceNow launch joint solution to automate endpoint patching and remediation. |
| SE023 | PeerSpot | Tanium Reviews, Competitors and Pricing | Tanium users highlight the need for improved integrations and custom plugins. |
| SE024 | GetApp | Tanium Overview | Tanium supports environments ranging from thousands to millions of endpoints. |
| SE025 | Tanium Security Advisories | All Advisories - Tanium Security Advisories | Tanium addressed an information disclosure vulnerability in Tanium Server. |
| SE026 | Tanium Security Advisories | 2026-004 - Tanium Security Advisories | Tanium addressed a SQL injection vulnerability in Asset. |
| SE027 | NIST NVD | NVD - cve-2026-2435 | https://security.tanium.com/TAN-2026-004 — Vendor Advisory. |
| SE028 | OpenCVE | Tanium CVEs and Security Vulnerabilities | Tanium addressed a SQL injection vulnerability in Asset. |
| SE029 | Channel Insider | Tanium: Autonomous IT Moves Closer With Platform Updates | Channel Insider | Tanium Ask enables administrators to investigate, troubleshoot, and remediate issues in a single streamlined experience. |
| SU001 | Tanium | Customers | Tanium | 50% of Fortune 100; 4/5 Top U.S. Banks; 6/6 U.S. Armed Forces. |
| SU002 | Tanium | AstraZeneca | Tanium | 10mins time needed with Tanium to do ground-patching program, down from a full week. |
| SU003 | Tanium | Colgate Palmolive | Tanium | Tanium’s unified platform consolidated those point tools, trimming costs, speeding up incident response and boosting data protection capabilities. |
| SU004 | Tanium | City of Phoenix | Tanium | 75% reduction in patching cycle. |
| SU005 | Tanium | Zurich | Tanium | Zurich saves up to 100 resource hours a month with an automated patching capability built on top of Tanium’s patching tools. |
| SU006 | Tanium | ABB | Tanium | ABB Electrification Americas estimates a 14X ROI on its initial investment with Tanium. |
| SU007 | Tanium | Whirlpool | Tanium | It wasn’t unusual for 5–10% of our devices to be out of compliance with our policy. Once we deployed Tanium, our average went down to less than 1% almost overnight. |
| SU008 | Tanium | Metropolitan Water District | Tanium | With Tanium and Microsoft, MWD has improved its mean time to respond to potential risks by up to 20%. |
| SU009 | Tanium | Autonomous IT for federal government agencies | Tanium | Tanium is deployed extensively across the U.S. Armed Forces and major federal agencies. |
| SU010 | Tanium | The Total Economic Impact™ of Tanium Autonomous IT | Tanium | |
| SU011 | Business Wire | Tanium Autonomous IT Platform Delivered 235% ROI, According to Recent Study | The Total Economic Impact study reveals 75% reduction in MTTR, 95% greater workstation patching efficiency and 70% productivity boost by year three with Tanium. |
| SU012 | Business Wire | Tanium Cloud Obtains FedRAMP Authorization | Tanium technology currently supports five branches of the Department of Defense, civilian agencies, and more than 70% of the Fortune 100 companies. |
| SU013 | Microsoft | Jones Lang LaSalle cuts cybersecurity spending by 20 percent by consolidating vendors and using Tanium and Microsoft Defender for Endpoint | Microsoft Customer Stories | By using both Tanium and Microsoft, JLL has reduced its cybersecurity spending while closing security gaps. |
| SU014 | Carahsoft | Tanium Government IT Procurement Contracts | Carahsoft | GSA Multiple Award Schedule Contract (MAS) 47QSWA18D008F Aug 22, 2018- Aug 21, 2028. |
| SU015 | FedRAMP | Tanium Cloud for US Government (TC-USG) | FedRAMP Marketplace | |
| SU016 | Texas Department of Information Resources | DIR-CPO-5687 | Texas Department of Information Resources | Contract Start Date: 05/19/25 ... Contract Expiration Date: 05/19/31 ... Contracts may be used by state and local government, public education, other public entities in Texas, as well as public entities outside the state. |
| SU017 | AWS Marketplace | AWS Marketplace: Tanium Inc Cloud Reviews | Awesome CLI for Scaling, but Pricing and Complexity Need Work. |
| SU018 | TrustRadius | Tanium Reviews & Ratings 2026 | TrustRadius | Score 9.2 out of 10 ... Cons Pricing is a bit expensive. |
| SU019 | PeerSpot | Tanium reviews 2026 | The integration is not simple and easy ... Sometimes it takes three or four days for it to reflect. |
| SU020 | SoftwareReviews | Tanium Platform Customer Reviews 2026 | Endpoint Protection | 93 Likeliness to Recommend 99 Plan to Renew 88 Satisfaction of Cost Relative to Value. |
| SU021 | Built In | Tanium Company Growth, Stability & Outlook 2026 | Built In | |
| SU022 | FeaturedCustomers | 13 Tanium Customer Reviews & References | FeaturedCustomers | Read 7 Tanium reviews and testimonials from customers, explore 5 case studies and customer success stories, and watch 1 customer videos. |
| SU023 | Carahsoft | Tanium Case Studies | Carahsoft | Featured Tanium Case Studies: State of Arizona ... Navy Cyber Defenders ... Government Agency Replaces BigFix with Tanium to Improve Cyber Hygiene. |
| SU024 | Tanium | Customer Success Stories | Tanium | AstraZeneca ... Colgate ... City of Phoenix ... Zurich. |
| SU025 | Gartner Peer Insights | Tanium Autonomous IT Platform Reviews & Ratings 2026 | Gartner Peer Insights | Rapid Data Retrieval Enhances Audits Despite Steep Learning Curve for New Users ... Tanium Balances Efficient Responses With Noted Issues In Pricing and Implementation. |
| SR001 | Tanium | All Advisories - Tanium Security Advisories | TAN-2026-012 ... TAN-2026-011 ... TAN-2026-010 ... TAN-2026-009 ... TAN-2026-008 ... TAN-2026-004 ... TAN-2026-003 |
| SR002 | Tanium | 2026-012 - Tanium Security Advisories | This vulnerability could allow an authenticated Tanium user with the Administrator role or "Write Downloader Authentication" permission to retrieve credentials used for remote source download authentication. |
| SR003 | Tanium | 2026-011 - Tanium Security Advisories | This vulnerability could allow an authenticated Tanium user with the "Threat Response Configs - Read" permission to gain read-only access to data they should not have access to. |
| SR004 | Tanium | 2026-010 - Tanium Security Advisories | This vulnerability could allow an authenticated Tanium user with the "Write Filter Group" permission to perform a denial of service attack against the Interact workbench. |
| SR005 | Tanium | 2026-009 - Tanium Security Advisories | This vulnerability could allow an attacker with access to a system running the Tanium Client to achieve local privilege escalation when maliciously crafted cryptographic content is parsed. |
| SR006 | Tanium | 2026-008 - Tanium Security Advisories | This vulnerability could allow an attacker with access to TDS logs to gain read access to sensitive data including sessions and API tokens. |
| SR007 | Tanium | 2026-004 - Tanium Security Advisories | This vulnerability could allow an authenticated Tanium user with the Asset Report Write permission to read, create, or modify objects in the Asset database that they may otherwise not have access to. |
| SR008 | Tanium | 2026-003 - Tanium Security Advisories | This vulnerability could allow an attacker with access to the system running the Enforce Recovery Key Portal to gain read-only access to data they should not have access to. |
| SR009 | Justia | DANIEL HOWARD V. TANIUM, INC., No. 23-15451 (9th Cir. 2024) | Plaintiff Daniel Howard sued Defendant Tanium, Inc., for fraudulent misrepresentation ... We reverse and remand for further proceedings. |
| SR010 | Justia | ORDER RE: DAUBERT MOTIONS. Signed by Judge Jacqueline Scott Corley on 6/27/2025. (Filed on 7/10/2025) | Daniel Howard filed suit against his former employer, Tanium Inc., alleging Tanium fraudulently induced him to join Tanium as an employee. Jury trial is scheduled to commence July 15, 2025. |
| SR011 | Leagle | HOWARD v. TANIUM, INC. | Case No. 21... | 20250711c90 | Leagle.com | Daniel Howard filed suit against his former employer, Tanium Inc., alleging Tanium fraudulently induced him to join Tanium as an employee. Jury trial is scheduled to commence July 15, 2025. |
| SR012 | PacerMonitor | Howard v. Tanium, Inc. (3:21-cv-09703), California Northern District Court | ***Civil Case Terminated ... STIPULATION to Dismiss action with prejudice filed by Daniel Howard. |
| SR013 | UniCourt | QuickVault, Inc. v. Tanium Inc. | On 11/07/2023 QuickVault, Inc filed an Intellectual Property - Patent lawsuit against Tanium Inc. |
| SR014 | PatSnap | QuickVault v. Tanium: Dismissed Without Prejudice | PatSnap Eureka | After 246 days of litigation, the parties filed a joint stipulation of dismissal without prejudice on July 10, 2024. |
| SR015 | National Institute of Standards and Technology | NVD - CVE-2026-6408 | https://security.tanium.com/TAN-2026-012 ... Vendor Advisory |
| SR016 | National Institute of Standards and Technology | NVD - CVE-2026-6392 | https://security.tanium.com/TAN-2026-011 ... Vendor Advisory |
| SR017 | National Institute of Standards and Technology | NVD - CVE-2025-11187 | https://github.com/metadust/CVE-2025-11187 |
| SR018 | National Institute of Standards and Technology | NVD - CVE-2026-2350 | https://security.tanium.com/TAN-2026-008 ... Vendor Advisory |
| SR019 | National Institute of Standards and Technology | NVD - CVE-2026-2435 | https://security.tanium.com/TAN-2026-004 ... Vendor Advisory |
| SR020 | National Institute of Standards and Technology | NVD - CVE-2026-1344 | https://security.tanium.com/TAN-2026-003 ... Vendor Advisory |
| SR021 | Carahsoft | Tanium Government IT Procurement Contracts | Carahsoft | NASA SEWP V ... Sep 30, 2026 ... ITES-SW2 ... Aug 30, 2030 |
| SR022 | NASA Solutions for Enterprise-Wide Procurement | NASA SEWP Home | NASA has extended the SEWP V ordering period through September 30, 2026, with the potential for 2 option periods... |
| SR023 | Forbes | Tanium | Company Overview & News | Its customers include Bank of America, Best Buy and the U.S. military. |
| SR024 | Yahoo Finance | Tanium (TANI.PVT) company profile and facts - Yahoo Finance | Tanium is recognized as a leading player in the Unified Endpoint Management sector, managing millions of endpoints and serving top retailers, commercial banks, and federal organizations. |
| SR025 | Frontier Enterprise | Bridging security gaps in government: Tanium's approach | Frontier Enterprise | More often than not, the whole process is further complicated by budgetary concerns, staffing issues, and even geographical differences. |
| SR026 | PeerSpot | Tanium Reviews, Competitors and Pricing | Tanium pricing is considered high compared to some competitors, often being two to two and a half times more expensive. |
| SR027 | TrustRadius | Tanium Reviews & Ratings 2026 | TrustRadius | Pricing is a bit expensive. |
| SR028 | PeerSpot | Compare CrowdStrike Falcon vs Tanium | CrowdStrike holds a 6.2% mindshare in the Endpoint Protection Platform sector versus Tanium's 2.3%. |
| SR029 | PeerSpot | Compare BigFix vs Tanium | HCLSoftware users are 97% willing to recommend BigFix, compared to 80% of Tanium users who would recommend it. |
| SR030 | Comparitech | CrowdStrike vs Tanium: A head-to-head %%currentyear%% comparison | CrowdStrike offers cloud security tools ... Tanium sees its biggest competitive advantage in its blend of system management and security products. |
| SR031 | SelectHub | Tanium vs BigFix | Which Endpoint Management Software Wins In 2026? | Users consistently point to Tanium's high price tag as a major drawback ... some find the learning curve steep. |
| SR032 | TrustRadius | Compare HCL BigFix vs Tanium 2026 | TrustRadius | One issue is its ring topology ... If the central hub fails, then the associated node will also result in failure. |
| SR033 | Channel Insider | Tanium: Autonomous IT Moves Closer With Platform Updates | Channel Insider | Tanium announced a slew of additions to its platform, targeting AI-enabled automation, mobile endpoint security needs, and more. |
| SR034 | NAND Research | Research Note: Tanium’s New AEM & Cloud Workload Solutions | Tanium AEM’s autonomous capabilities should greatly reduce manual intervention in endpoint management. |
| SR035 | SANS | Autonomous Endpoint Management: Next-Gen Endpoint Visibility Fueling SecOps and IT Ops with AI | Manual processes simply can’t keep up with today’s threats ... Tanium’s single-agent architecture and AI-powered capabilities empower teams to operate from a shared source of truth. |
| SR036 | Gartner Peer Insights | Microsoft vs Tanium 2026 | Gartner Peer Insights | Microsoft vs Tanium 2026 | Gartner Peer Insights |
| SV001 | Forbes | Tanium Was Once Security’s Hottest Startup. Now, It’s Back Talking A Big Game. | Now valued at $9 billion, Tanium’s a much mature business these days: annual recurring revenue has passed $700 million with free cash flow margins north of 10%, making it profitable on an EBITDA basis. |
| SV002 | Forbes | Tanium | Company Overview & News | Now valued at $9 billion, the Emeryville, California-based firm has raised $1.1 billion and employs 2,000 people. |
| SV003 | Yahoo Finance | Tanium (TANI.PVT) Valuation, History & News - Yahoo Finance | Estimated Valuation 4.26B. |
| SV004 | Yahoo Finance | Tanium (TANI.PVT) company profile and facts - Yahoo Finance | Forge Price as of May 15, 2026. |
| SV005 | Business Wire | Tanium Introduces Tanium Atlas to Transform IT and Security Operations for the Age of AI | Across more than 36 million endpoints worldwide, Tanium captures a comprehensive range of endpoint signals at high fidelity, in real time. |
| SV006 | Morningstar | Tanium Introduces Tanium Atlas to Transform IT and Security Operations for the Age of AI | |
| SV007 | North Carolina Department of Information Technology | Tanium Price List | Tanium Core Plus - Subscription ... $38.00 list / $34.20 NC price ... 2k minimum endpoint purchase required. |
| SV008 | Amazon Web Services | AWS Marketplace: Tanium Inc On-Prem | This listing includes an annual subscription for 1,500 Endpoints of ... Tanium Core Plus ... Endpoint Management Plus ... Risk & Compliance Plus ... Incident Response. |
| SV009 | Carahsoft | Tanium Government IT Procurement Contracts | Carahsoft | |
| SV010 | Tanium | Tanium Cloud Obtains FedRAMP Authorization | Tanium | Tanium today announced ... authorization of Tanium Cloud for U.S. Government (TC-USG) at the Moderate Impact Level. |
| SV011 | Tanium | Tanium Combines Forces with ServiceNow to Deliver New Autonomous IT Solution Powered by Industry-Leading Platforms | Tanium | Organizations gain greater insight and enforcement across IT environments through integration of Tanium’s Autonomous IT Platform capabilities with ServiceNow CMDB, workflows and AI agents. |
| SV012 | Justia | DANIEL HOWARD V. TANIUM, INC., No. 23-15451 (9th Cir. 2024) | The district court erred as a matter of law ... whether $5 was the true FMV and whether the 409A valuation is relevant to that inquiry. |
| SV013 | Tanium Security Advisories | 2026-008 - Tanium Security Advisories | This vulnerability could allow an attacker with access to TDS logs to gain read access to sensitive data including sessions and API tokens. |
| SV014 | CompaniesMarketCap | CrowdStrike (CRWD) - Market capitalization | |
| SV015 | U.S. Securities and Exchange Commission | crwd-20260131 | |
| SV016 | CompaniesMarketCap | SentinelOne (S) - Market capitalization | |
| SV017 | U.S. Securities and Exchange Commission | s-20260131 | |
| SV018 | CompaniesMarketCap | Tenable (TENB) - Market capitalization | |
| SV019 | U.S. Securities and Exchange Commission | tenb-20251231 | |
| SV020 | CompaniesMarketCap | Qualys (QLYS) - Market capitalization | |
| SV021 | U.S. Securities and Exchange Commission | qlys-20251231 | |
| SV022 | CompaniesMarketCap | Palo Alto Networks (PANW) - Market capitalization | |
| SV023 | U.S. Securities and Exchange Commission | panw-20250731 | |
| SV024 | CNBC | Software startup NinjaOne tops $500 million in annualized recurring revenue | |
| SV025 | NinjaOne | NinjaOne Secures $5 Billion Valuation and $500 Million Funding to Redefine Automated Endpoint Management | |
| SV026 | Yahoo Finance / Reuters | Cybersecurity startup Axonius raises $200 million from returning investors | |
| SV027 | Forbes | Axonius | Company Overview & News | |
| SV028 | Wiz | Celebrating Our $1 Billion Funding Round and $12 Billion Valuation | Wiz Blog | |
| SV029 | CNBC | Wiz: 2024 CNBC Disruptor 50 | |
| SV030 | Forbes | Wiz | Company Overview & News |