Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

I first met Tines co-founders Eoin Hinchy and Thomas Kinsella more than a decade ago at eBay. Even then, we shared the same frustration: too much important work was slowed down by brittle processes, manual handoffs, and disconnected tools. We all believed technology should help people focus on meaningful work, not slow them down in muckwork. That idea has shaped my career ever since. I started out in security operations, using automation to make my own job easier.

SOAR was created to help security teams work faster and more consistently by automating and orchestrating core security operations. It has always had to adapt to new and evolving technologies, but our current AI era has brought about a turning point. As cloud environments scale, manual playbooks can’t keep up. Now, it’s not enough to automate. We need systems that can understand the context they’re running in and adapt accordingly.

This is the final post in a three part series examining the past, present and future of workflows. In the first two posts, we explored where workflows came from and what defines an intelligent workflow. This final article looks ahead. The goal is to understand how workflows will evolve in the coming years and why they will become central to how organizations run, make decisions, and adapt.

Using the AI Agent action, you can now connect to and utilize tools from MCP servers. This connection allows you to extend the reach of your workflows by bridging the gap between Tines and your AI implementations. Whether using a remote server or one created in Tines, the opportunity to do more is at your fingertips. Read the docs for more information.

AI is becoming a routine part of technical operations. Teams use models to support ticket triage, incident routing, knowledge retrieval, code analysis, and customer interactions. As these agents move closer to production workflows, the conversation about security becomes much more important. One of the most persistent and widely misunderstood issues is prompt injection. It is not a vulnerability that can be fully patched or trained away.

Infrastructure has always been the backbone of IT Operations, but its scope has expanded dramatically. Gone are the days when infrastructure meant only racks of on-premise servers and storage arrays. For many businesses, today's reality is a sprawling, interconnected landscape encompassing multi-cloud environments, modern software-as-a-service (SaaS) platforms, traditional data centers, and emerging edge workloads.

It’s a bold claim. And sometimes customers ask me, “What exactly do you mean by important?” That’s a fair question because importance isn’t about how complicated a workflow is, or how many tools it touches. It comes down to impact.

For most IT operations teams, capacity management is a balancing act. Too much capacity and costs spiral; too little and users feel the impact before you do. On paper, scaling should be simple. In reality, it’s anything but. Most teams still scale manually – waiting for alerts, logging into consoles, adjusting resources, and hoping they’re not overdoing it. It’s a pattern that feels safe because it’s familiar, but it’s quietly expensive.

If you've ever been involved in a major database migration, you know just how complex and honestly, nerve-wracking they can be. At Tines, we recently faced the challenge of migrating a customer's dedicated tenant by moving all the customer’s critical workloads running on Tines between two different AWS Regions. All while maintaining 100% system availability.

Recent research from Forrester Consulting commissioned by Tines, Unlocking AI’s full value: How IT orchestrates secure, scalable innovation, underscores the essential role IT leaders must play in AI orchestration, as well as the challenges that stall adoption – and the opportunities that await those who overcome them. But how do these findings translate to real life, and what are leaders and practitioners doing to navigate this landscape?