
Friday Flows Episode 12: From Code to Clicks

On this Friday Flows, Jesse Strivelli shares a side-by-side comparison of an automation written in Python and the same automation built in Tines. The workflow triages alerts for an eCommerce business. The goal is to ingest the alert, enrich it and get further analysis, and take action if there's a high-risk score. Jesse has been a software developer at Fortune 100 organizations for most of his career. And while coding remains near & dear to his heart, he shares how building in Tines now saves him time & headaches.

Voice of the SOC 2023 - Key Findings

Join Tines founder Eoin Hinchy as he presents the key findings of The Voice of the SOC report 2023 and gives his insight into how we as a security community can address the more worrying trends while also capitalising on some of the positives. Having created the Voice of the SOC Analyst report in 2022, this year Tines went a step further, opening up the survey to everyone in the security team right up to C-level, and also surveyed security professionals across the world.

Voice of the SOC Report 2023 - Key Findings

The report follows 2022's Voice of the SOC Analyst. In 2023, we expanded the scope beyond the United States to include Europe, and sought perspectives from 900 security professionals up to and including the C-suite, rather than just analysts. This is a great opportunity to learn more about the biggest challenges facing security teams today, and how to solve them, so please do join us. Don’t worry if you can’t make it on the day - registrants will receive a recording after the webinar.

Friday Flows Episode 11: Respond to & configure Terraform Cloud run task

The question of the week from a customer was: “How do we use Tines with our Infrastructure-as-Code methodology?” Today we’re looking at how to automate processes around Terraform Cloud, like documentation, opening tickets, and getting approval for changes in the cost of the infrastructure. Use this workflow to save time, maintain consistent records for audits, and manage incremental infrastructure costs.

Friday Flows Episode 10: Lock Down Devices with JAMF & Duo Security

What happens when a team member reports a lost laptop on a Friday evening? In most cases, it doesn't get locked down by IT until Monday morning 😬 Enter automation. This Tines story created by Conor Dunne allows users to mark the device as lost and prevent further access through Jamf. Conor & the Labs team will be recording more walkthroughs like this & adding them directly to the Story Library to help you bring them to life in your tenant.

Friday Flows Episode 9: Grant Temporary Application Access with Pages

A common challenge we hear from IT teams is the constant barrage of requests for applications. These can come from new hires, people transitioning roles, consultants & third-parties, etc. Whitney Young runs through a great story using Tines pages where folks can initiate a self-serve application request that triggers an automation workflow to.

Friday Flows Episode 7: Elastic Alert Response with Cases & Slack

The majority of SOC teams are overworked & under-appreciated. Generally, they get flooded with alerts. There aren't enough human beings or resources to deal with the volume of alerts. So teams will 'turn down' their SIEM solutions so that they can deal with a realistic volume. The downside is that you're going to miss alerts you should deal with & you're going to get a lot of false positives.

Friday Flows Episode 8: Manage Elasticsearch and GKE clusters via Slack

This week’s Friday Flows features our first Community-built story. Big thank you to Christopher Cutajar for sharing his “Manage Elasticsearch and GKE clusters via Slack” workflow and for highlighting the great work of his team at Elastic overall. "As a team, we've built quite a lot of stuff. Both Tines and Elastic are easy to work with & provide value not just with security, but provide a platform for anyone technical or non-technical to enable the business."

Friday Flows Episode 6: Normalize Alerts with ChatGPT

The strides in GenAI have been remarkable this year, but we're all still trying to figure out how to impact our day-to-day work. In this demo, we use AI in the best way we know how to at Tines: by speeding up a security analyst's work and making their life a little easier! Use ChatGPT to normalize alert formats, in this case from CRWD. Alerts from multiple sources are converted into a standard format for easier processing by a SOC, and a ticket is then created.