Many, if not all, SOAR solutions in the market tout case management within their offerings. It’s a hard requirement for most analysts because it’s essential for their job. But those same analysts are burnt out and overwhelmed by high volumes of alerts, and they struggle to work through the near- endless backlog of tickets. When they look for alternatives, security teams are stuck between choosing good automation or good case management.
That’s why today, we’re introducing cases.
Introducing cases
Cases is our solution for case management. Cases offer a space to collaborate on a workflow (or incident) with colleagues based on data captured from across your stories.
Cases helps customers looking for ways to:
Facilitate, collaborate, and track incident response
Capture and store the actions taken across story runs
Analyze trends or common data points across stories
Identify what automations to build next
How it works
A case is a place where users can work together, comment, and track activity. Cases are built on records, which are a way to capture and structure event data across stories. Records are often attached to cases as artifacts.
The cases collaborative workspace offers:
Records of event data from across stories
Timelines of events from creation to resolution
Owner and collaborators
Description fields with support for videos, tables, pages, checklists, and rich text formatting
List view of all cases with filters to narrow the view
Better automations, fewer cases, faster incident response
Tines already helps hundreds of customers reduce their ticket backlog through automation. Now, with cases, they can create records of automated incident response, find what to build next, identify gaps in existing stories, and collaborate smarter across the team.
While we built something that can best be described as ‘case management’, we believe you can unlock much more than incident response. And we look forward to seeing you do just that!