Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

July 2024

What's new in Tines: July 2024 Edition

Have you thought about how you can keep your Tines stories short and efficient? Use rules in your Webhook Action to create events based on specific requests. Events are only created when a rule is matched. When you want to focus on a specific result, customize response action options or filter out requests with regex that do not match your criteria.

Mastering success: 5 key stages of professional services delivery

In this blog post, Kelsey Sevening, Sr. Manager, Project Management at Tines shares what customers can expect when engaging with our professional services team to help them reach their goals faster. When it comes to investing in professional services, the quality of the experience can vary widely. While some customers might have exceptional experiences and others less so, most find themselves somewhere in the middle.

Tines Idea: Simplify Security Alerts with AI in Tines

From transforming data with a prompt and generated code, to directly accessing and using a language model in your workflows, our AI features make automation even more accessible and efficient for anyone in your organization. Learn how you can take multi-source security alert workflows from 25 actions to 3, reducing the potential for error and making it simpler to make updates like adding sources, change rule definitions, and more.

A step-by-step guide for embracing workflow automation

Workflow automation offers huge potential benefits for security teams, including improved incident readiness, faster time to value, enhanced team retention, and reduced errors. Whether your team is planning to embrace security automation for the first time or enhance an existing program, a clear roadmap is essential. In this post, I'll share a step-by-step guide for security teams looking make the most of workflow automation and the technology that's allowing teams to work even faster, AI.

Migrating from legacy SOAR platform to Tines: a step-by-step guide

In this blog post, Martin Moroney, Customer Success Engineering Manager at Tines shares lessons on migrating from a legacy SOAR platform, based on his experience in overseeing dozens of successful migrations. Enterprise system migrations are complex projects, with intimidating challenges that require meticulous planning and execution. This complexity is amplified in the context of systems that leverage many integrations to support complex workflows.

5 common misconceptions about workflow automation

The potential benefits of workflow automation for security teams are huge - from improved incident readiness to faster time to value, improved retention, and reduced errors, there lots of compelling reasons to adopt this technology. But there are also some popular misconceptions holding teams back from fully embracing workflow automation. In this blog post, I'll debunk some of the most common myths about workflow automation and explain why it's worth investing in for any security team.

Friday Flows episode 28: Sending an IOC to Recorded Future for Analysis

On today's episode, Michael Tolan from the Tines labs team is taking us through this enrichment workflow. Recorded Future is our long-time threat intel partner and has been the leader in that space for years now. This will give you some insight into how we work better together.

Cases: A Year in Review

When we launched cases in early 2023, we saw how teams combined automation with their established processes to respond to known threats. And we realized we were missing a place for security teams to address those new or unknown threats. Enter cases, our solution to case management. Over the past year, our cases feature has become a place where teams can collaborate, track, and report on new and existing workflows.

Friday Flows Episode 28: Use AI to create cases and act on CrowdStrike alerts

In today’s Friday Flows, Conor Dunne, from the Tines Labs team, walks us through a new story using AI to create cases and act on CrowdStrike alerts. As is the case with many alerts, there’s a lot of information, but it’s not always very clear. He first uses AI to simplify & normalize the data. Once that is done & a case is created, we can also use AI to act as a security analyst and respond with one of four actions: Suspend a user account Isolate a host Block a URL Alert the security team using PagerDuty.

Friday Flows Episode 27: Disabling AWS User from Hunters Alert with Jira Prompt

We're excited to bring you another workflow from the Tines library and to introduce your new Friday Flows host Cameron Higgs! The legendary Blake Coolidge is handing over the reins for a season but he'll be back on your screens before too long. In this episode, Conor Dunne walks Cameron through a workflow that pulls leads related to the Amazon Web Services (AWS) environment flagged by Hunters and searches for users with unauthorized permissions.

How to evaluate AI features in workflow automation platforms

If you’ve been paying attention to the latest AI product releases or evaluating AI tools for your teams, you’ll probably have noticed how difficult it is to distinguish between hype and reality. Vendors are under an enormous amount of pressure to deliver AI features, and, as a result, many of these new tools feel rushed and fragile, and simply aren’t capable of solving important, real-world problems.

From skeptic to advocate: My journey to embracing AI

For years, we as security practitioners were promised that AI and machine learning would change our lives for the better, but time and time again, the companies that touted this technology disappointed us. In the first decade or so of AI-branded security tools, we saw plenty of products that demoed well, but were completely undeployable.

Exploring generative AI guardrails: The Tines approach

Innovation rarely starts with acknowledging the restrictions. It’s only after you’ve fleshed out the practical concepts that you begin to understand how they can align with the predefined boundaries, ensuring that your final product is both useful and compliant. This dynamic process encourages a more organic pathway to discovery, leading to solutions that are not only innovative but also viable within the given constraints.