About Beyon Cyber
Beyon Cyber is a leading provider of advanced end-to-end cyber-security solutions, offering managed services and advisory to organizations across Bahrain and beyond. They were recently named the fastest-growing Cyber Security Company in the Middle East and Cyprus by Deloitte.
Executive summary
Before Tines, Beyon Cyber was already providing world-class security services to its customers, but, driven by a culture of continuous improvement, its teams wanted to further enhance their offering. Their previous SOAR solution played an important role in delivering these services, but they knew that a platform like Tines could help them deliver even more value for their customers.
With Tines and the support of Tines professional services, they’ve achieved greater operational efficiency while ensuring robust security measures. The SOC team now has the freedom to focus on innovating and expanding their services, rather than being bogged down with maintaining automated workflows.
Many times, Tines has allowed us to consolidate multiple steps into a single one. This delivers a lot of value and has ultimately allowed us to expand the scope of our work.
Dr. Shaikh Khalid Al Khalifa, CEO
The challenge
When they approached Tines, Beyon Cyber was using a well-known SOAR platform for automation and orchestration.
“All incident management tasks were managed through the built-in automation functionalities of this product. Additionally, we had several workflows dedicated to phishing investigations and threat intelligence management,” says Britto Irudhayasamy, Head of Cyber Defense Engineering.
But this SOAR platform presented several challenges:
Performance issues: The platform was heavyweight, resulting in performance issues that demanded time-consuming levels of maintenance.
Integration limitations: The built-in integrations had their own bugs, which took a long time to resolve. And they were restricted to the integrations available within the platform, which limited their flexibility.
Support constraints: Without premium support options, the team found it difficult to resolve platform-related issues promptly. This lack of support exacerbated the performance and integration issues they faced.
The impact of these challenges was profound - resource drain, implementation delays, and operational burden.
A significant amount of our resources was diverted towards maintaining the platform, which hindered our ability to focus on expanding our SOAR automation use cases.
Abubakar Mohd, Chief Technology Officer
The high maintenance requirements of their SOAR caused critical implementations to be delayed, impacting the team’s overall operational efficiency.
“We were burdened with resolving platform issues and bugs, leaving little time for innovation or enhancement of our security operations,” says Isa Almannaei, Head of Security Operations Center.
Why Tines?
When it came time to select a new platform, Tines quickly jumped to the top of the list. Chief Technology Officer Abubakar Mohd describes their first experience with Tines as “transformative.”
Let's take a closer looks at some of the reasons why they chose Tines.
Lightweight architecture
The team appreciated how straightforward it was to deploy Tines’ lightweight, container-based architecture on their cloud infrastructure.
“This reduced the performance issues we previously encountered,” says Abubakar.
Integrate anything
Thanks to Tines’ flexibility in working with any API, Beyon Cyber could connect various systems without being limited to built-in integrations.
Britto tells us, “This significantly broadened our automation capabilities.”
Faster time to value
The team at Beyon Cyber availed of Tines professional services to help speed up the migration process and enhance the efficiency of their workflows.
This proactive support helped us overcome initial deployment challenges and optimize our use of the platform.
Abubakar Mohd, Chief Technology Officer
The Impact
Streamlined processes and operational efficiency
With Tines, tasks that previously required multiple steps were reduced to manageable levels.
And teams at Beyon Cyber no longer have to deal with the performance issues they faced with their previous SOAR platform.
“We haven’t experienced any performance issues with Tines,” says Isa, “and our automated workflows have been significantly simplified.”
Enabling expansion and innovation
Tines workflow automation has helped Beyon Cyber enhance the robustness of their processes, while saving analyst time. A phishing analysis workflow built by the Tines team reduced analyst time spent by 95%, and a threat hunting workflow built by the Beyon Cyber team reduced it by 98%.
With the additional time, the team can focus on driving innovation, meaning they can share the benefit of these time savings with their customers.
Professional services
While team members were keen to start building in Tines, they also needed to migrate their most important incident response workflows in a short, 4-week window. To ensure this process ran smoothly, they enlisted the help of Tines professional services.
“It was one of the greatest experiences in dealing with professional services,” Isa says. “We faced a lot of difficulties dealing with professional services with other vendors. Time was wasted on discussing the scope, and whenever you want to add something, you were told it's out of scope. So that was a painful part previously, and we definitely didn't experience that with Tines.”
Beyon Cyber had a close, collaborative relationship with the Tines engineers and project managers.
We were able to build whatever we wanted, and even add more features that we didn't previously cater for.
Isa Almannaei, Head of Security Operations Center
“We weren’t restricted at all," Isa explains. "And I was able to reach the team through Slack all the time. If there was something that wasn’t working, or some issue that we faced, they were able to come through quickly and help us fix it."
Britto adds that engaging professional services left him with a really thorough understanding of the platform.
“They were kind enough to explain the whole process, in terms of how they build or how it interacts with different platforms. So it was a learning journey for us as well.”
Many members of the Beyon Cyber team are now active Tines builders. Isa tells us, “Building in Tines is definitely a great experience. I’m not a coder, but they’re correct when they say it’s no-code automation. I definitely faced some challenges because the use case I was working on was so complicated, but I was very happy with the results."
Top use cases
Incident response
Phishing investigation
Threat intelligence management
Top workflows
Incident management. These workflows identify, categorize, prioritize, aggregate, and enrich alerts from various SIEM platforms.
Threat intelligence. This workflow connects multiple threat intelligence tools to hunt and block IOCs.
Phishing response. This workflow receives email data, extracts and enriches IOCs in several tools, reaches out to the analyst for approval, and performs the approved actions.
What’s next
Teams at Beyon Cyber have big plans for Tines, and are already working on expanding their use cases.
“We’ll further optimize our incident response and automation workflows to improve efficiency and effectiveness,” says Britto. “And we’ll work closely with Tines’ support and professional services to continually improve our use of the platform and stay ahead of emerging threats.”
By upgrading our Tines license and expanding our use cases, we aim to continue enhancing our automation capabilities, achieving greater operational efficiency, and ensuring robust security measures.
Abubakar Mohd, Chief Technology Officer