Orchestrate powerful workflows with Azure Sentinel and Tines

Work with alerts generated by detections, query the log analytics backend of Azure Sentinel with data from other sources, and add threat intelligence indicators leveraging Azure Sentinel's watchlist and Tines.

Continuous security: Dynamically authenticate to APIs using credentials with Tines

Good credential management is critical when working with APIs. Learn how Tines can dynamically authenticate to APIs using credentials stored in your existing secret management tools to ensure your continuous security.

Introducing Teams

We built Teams to allow you to invite as many other users as you want to the Tines platform, and to allow you to keep your sensitive and critical Stories separate to and private from other users.

Leveraging AWS Lambda in Tines

Using AWS Lambda within your automation platform.

Getting started with TheHive automation

How to use the TheHive API together with Tines to automate the creation of alerts from phishing emails and more.

Automating detection and response with Panther and Tines

Learn how to scale your security program by creating high-fidelity alerts using Panther and automating manual remediation tasks in Tines.

Security chatops with Auth0

Adam Maksimuk, Senior Incident Response Engineer at Auth0, explains how the Slack bot they built using Tines simplifies the management of security incidents.

Detect and respond accurately to security alerts at scale with Tines and Auth0

Detection & Response Senior Security Engineer, Brandon Maxwell, describes how Auth0 use Tines to respond accurately at scale to security alerts.

Announcing the free Tines Community Edition

The Tines Community Edition is a fully-featured cloud instance of Tines. It’s free to use, requires no up-front commitment, and includes a generous automation capacity.

AWS security response with Tines

Learn how to automate response to AWS Security Alerts using AWS CloudWatch and SNS together with the Tines Security Automation platform.

ELK Stack automation and the Elasticsearch API

Automate the Elasticsearch Search API to rapidly create canned and shareable threat hunting tools for you and your team.

How to subscribe to Google Workspace (G Suite) notifications

How to subscribe to a Google Workspace endpoint and receive webhooks for important user account events. This will let us build custom workflows and tailored security responses for a range of scenarios.

Getting connected to the CrowdStrike API

A brief look at how to get connected (and authenticated) to the CrowdStrike API and enable Tines to utilize many aspects of the CrowdStrike Falcon platform.

Splunk automation guide

Explore and then automate search operations for a simple Threat Hunting example. We will then turn our learnings into a fully-fledged self-service internal tool for use by colleagues (or perhaps other teams in your organization).

Qualys vulnerability management automation guide

How to leverage some basic Qualys automation to maximize your impact and efficacy.

Breaking the attacker cycle with Thinkst Canary and Tines

In the digital realm, we, as defenders, are too often on the back foot. We hunt for and react to an attacker’s movements, but what if we could tripwire certain paths and automate what happens next?

Continuous security with Snyk

Continuous Improvement should imply 'Continuous Security', but is this really achievable? From a security operations perspective, the question then becomes: how do we automatically track, record, and address risk in near-real-time?

Account compromise (Part 3): Respond and protect with a multi-pronged automated approach

This is part 3 of a 3 part series on security automation for dealing with account compromise. Part 1 covers detection, part 2 looks at enrichment and case management, while part 3 tackles protection and response.

Account compromise (Part 2): Enrich alerts, avoid toil, and regain control during incidents

This is part 2 of a 3 part series on security automation for dealing with account compromise. Part 1 covers detection, part 2 looks at enrichment and case management, while part 3 tackles protection and response.

Account compromise (Part 1): Breaches are inevitable and early detection is crucial

This is part 1 of a 3 part series on security automation for dealing with account compromise. Part 1 covers detection, part 2 looks at enrichment and case management, while part 3 tackles protection and response.

Phish.ly: Democratizing suspicious email analysis with Tines and urlscan

We’re excited to announce Phish.ly, a free service, built in partnership with urlscan, that allows security teams to automate the analysis of suspicious emails.