Partnership

AWS × Tines

Automate cloud security with AWS and Tines


Cloud security is a fast-changing, dynamic environment, and many teams struggle to tell what is serious from what is noise.

Tines, built exclusively on AWS, helps teams quickly remediate known threats while effectively triaging new ones. It provides a user-friendly interface for building automation Stories, so teams can quickly create new workflows that use native AWS APIs to build solutions based on their needs. Tines also ships with thousands of Action templates for threat detection services outside the AWS ecosystem.

Tines allows AWS customers to...

Automate security alerts management

Streamline incident response

Improve accuracy and remediation timelines

Use case examples

Example 1

Monitor and remediate high CPU usage in AWS instances

Monitor AWS CloudWatch for high CPU usage, automatically resizing instances when CPU exceeds 90%, or requesting Slack approval for critical levels above 96%. Document all actions and resolutions in cases, closing unapproved requests with user notification.

Tools

AWS, Slack, Tines

Created by

Sif Baksh and Brad Rumph

Example 2

Tag AWS resources based on Cyera data classification findings

Monitor Cyera for data classification findings in AWS storage and automatically apply security tags to S3 buckets or RDS databases based on sensitivity. Update the issue status in Cyera once tagging is confirmed.

Tools

AWS, Cyera

Community author

Prashanth Charapa at Cyera

Example 3

Respond to an AWS Lambda public function Upwind detection

Receive an Upwind detection regarding public access to an AWS Lambda function. Allow users to create a case in Jira, or automatically remove access using a Slack message.

Community author

Miguel De Los Santos at Upwind Security

Example 4

Respond to an S3 bucket-level public access Upwind detection

Receive an Upwind detection regarding public access to an S3 bucket. Allow users to create a case in Jira, or automatically remove access using a Slack message.

Community author

Miguel De Los Santos at Upwind Security

Example 5

Validate suppressed AWS Security Hub findings with controls

Validate suppressed AWS Security Hub findings by checking their compensating controls through CloudTrail, CloudWatch, and Security Hub. Alert security teams through Tines Cases when validation fails and update finding statuses accordingly.

Created by

André Srinivasan

Example 6

Monitor and respond to AWS EC2.19 security violations with agents and Tines cases

Monitor AWS Security Hub for overly permissive EC2 security groups and automatically investigate violations with agents. Remove unauthorized network rules while documenting all actions in Tines Cases and escalating unresolved issues via email.

Created by

André Srinivasan

Whether it’s EDR, traffic behavior analysis, firewall management, IDS, phishing simulations, or anything else we use, Tines is very easy to plug into everything, get the alerts we want, and have it process them. That takes hours off our work.

Joel Perez-Sanchez
Security Engineer
OpenTable

Tines is very intuitive in pretty much every aspect; the platform is just really easy to use, so it does a really good job at saving time. The time saved pays for itself, in my opinion.

Dylan White
Information Security Engineer
KnowBe4
