About Druva
Druva enables cyber, data, and operational resilience for every organization with the Data Resiliency Cloud, the industry’s first and only at-scale SaaS solution. Druva pioneered a SaaS-based approach to eliminate complex infrastructure and related management costs, and deliver data resilience via a single platform spanning multiple geographies and clouds. Thousands of enterprises, including 75 of the Fortune 500, trust Druva to protect their data.
Executive summary
Druva is continually looking for ways to improve its security posture. But repetitive, manual tasks were not only slowing down their progress, they were creating a barrier to innovation.
Working with Tines, Druva's security team was able to automate several key processes, including vulnerability management, security compliance, and enrichment for security awareness.
The results across the organization have been profound. Every time the team automates a mundane task, their security employees are freed up for an additional one to two hours per week.
The challenge
Before Tines, Druva’s team was spending too much time maintaining the status quo, when they could have been improving their overall security posture.
One of the biggest challenges facing the Security Team at Druva was that the team didn’t have an engineering background. This made them reliant on their software engineers to automate key security tasks, taking focus away from developing product innovation and functionality.
“There were a lot of mundane tasks where people were spending hours and hours doing manual stuff in tools like Jira,” says Druva’s Principal Security Architect, Allan Swanepoel. “We knew we could automate those. It might take us an hour or two to automate it, but the end result is an engineer being freed up for an hour or two every week.”
Allan led the Druva team in the search for a platform that could unlock new efficiencies.
Their initial wish list:
A fully managed and hosted offering
Secure credential management they could trust
A platform that would empower Druva to create a stronger security posture as a business
Why Tines?
Allan and his team were impressed to discover that, once you set up Tines, it just worked, end-to-end, streamlining automation setups and sending notifications for changes in workflows or necessary updates. It was this core automation and reliability that made Tines the ideal solution.
Once you've got your stories set up, you almost forget they’re running in the background.
Allan Swanepoel, Principal Security Architect
From day one, the Druva team recognized that Tines delivered the technical functionality and overall support they needed.
They were particularly impressed with:
The resilience and scalability of the platform
The Tines team’s solution-oriented approach to product development
The responsiveness of the support team
Allan adds that Tines’s secure credential management was a key factor in their decision.
“A lot of our security keys reside within Tines, so having the trust that those are protected and safe is really important,” he says. “We spent a lot of time exploring that initially - ‘Are we using a secure platform and improving our security portfolio at the same time?’ That was our initial ask of Tines and why we went with Tines at the start.”
Allan now feels that the team is striking the right balance between automated data enrichment and manual decision-making. Meanwhile, Senior Security Analyst Rishi Jain was pleased with the Tines product roadmap and the team’s approach to feature requests.
“A lot of times, customers ask for features that they don’t really need,” Rishi says. “At Tines, they think about it holistically from the design perspective. I think you end up in a much better place when you’re not taking random feature requests from here and there. So that was something that really impressed me.”
Rishi is also encouraged by the improvements he’s seen in Tines since he started using the platform - higher levels of flexibility, the ability to create transparency, and usability optimization.
The impact
Druva started by automating repetitive manual tasks like compliance, vulnerability management, and customer sales request management.
“At most companies, analysts do that day in and day out,” says Brian Keefer, Druva’s Director of Cyber Defense. “Automating that has been a real time-saver and also takes some of the drudgery out of what people in those functions are doing.”
Allan agrees that engineering hours are best spent elsewhere. “What SLAs are reaching within 15 days, that's a Jira query that I can run and send emails automatically, that shouldn't be time spent by a human,” he says.
As Druva added new platforms and integrations, working with the Tines team proved invaluable. Instead of being mired down in expanding functionality, team members felt empowered to proactively navigate these scenarios. And the pre-built action templates in Tines helped them move quickly.
“There are two things that were great while we were working with Tines,” Rishi says. “One of them was that, whenever we discussed a new story, Tines would have something already built that could be used as a template.
“The second was the Tines team. I had a chance to work with (Customer Success Engineer) Martin and we had great, constructive discussions. The team at Tines was always trying to find a solution to the problem.”
The speed and ease at which Tines could connect to Druva’s tech stack was another huge benefit.
“Onboarding additional tools used to be very cumbersome and didn’t scale well,” Rishi says. “Now, being able to interface with APIs, we have one standard tool that we work with as a detection and response security team.”
Onboarding additional tools used to be very cumbersome and didn’t scale well. Now, being able to interface with APIs, we have one standard tool that we work with as a detection and response security team.
Rishi Jain, Senior Security Analyst
What’s next?
Looking to the future, the Druva team plans to build as many Tines stories as possible to extend the platform's benefits to other areas of the company, including a Slackbot to improve efficiency in ChatOps.
In the early days of using Tines, the Druva team was simply checking things off an automation wish list. Now it’s time to move outside the box to create even more impactful builds.
Allan and his team look forward to connecting Tines to even more tools as they scale.
“With any form of third-party integrations, you need to go and figure out that platform, figure out how the data is structured, figure out all the technical details of leveraging that platform, and then transiting data between different platforms. A lot of that heavy lifting has just been taken away by the amount of effort and work that the Tines team has put in to already have these functions available.
“It's literally, ‘I want to work with Jira, I want to create a ticket, I want to update the ticket.’ And these function calls are just there. Plug in a couple of parameters and plug in your data, and it's done. So the amount of saved effort in terms of needing to figure this stuff out, and managing your own interactions has been huge.”
The team at Tines are really engaged in helping us to find value, and making sure that we're actually being able to use the product well.
Allan Swanepoel, Principal Security Architect