FRIDAY FLOWS #31 - Beyon Cyber: An MSSP Journey from Traditional SOAR to Tines For any MSSPs out there, this is a really interesting deployment we did with Beyon. Service Providers will look to use SOAR as backend automation for their services. However, traditional SOARs can create their own problems. Requiring dedicated Dev teams to deploy & write automation. Not allowing customisable integration ability outside the box and ultimately being very resource-intensive to maintain.

FRIDAY FLOWS #33 Pt.1 - From Traditional SOAR to Tines Automation: An Engineers Perspective A longer form episode with Tino Sif Baksh. An experienced SOAR engineer who has been blown away by Tines' capability since joining. This is part 1 of our chat. Three really simple unique things covered here: How SOAR has changed as a technology and automation going from ‘nice to have’ to ‘need to have’. Building rules into the Tines’ Webhook action to reduce noisy alerts. The power using Tines’ email mode within the receive email action to simplify the Phishing Response workflows.

Phishing is one of the biggest time consumers for security teams. Between doing enrichment on IOCs, weeding false positives & escalating real events. It's one of the biggest contributors to alert fatigue. Today we're going to show how to put a stop to that through automation in Tines. Karl Dyas joins me on this episode to break down how we handle. As always, if you want to test out Tines.

FRIDAY FLOWS Episode #30 - Normalizing Alerts using Tines AI & Creating Cases In today's episode, Michael Tolan takes us through a workflows where we're leveraging the new Tines AI Action to normalize multiple alerts and create cases in our native Case management. As always, our free Community edition is in the comments and we'd love to hear what you thought of today's episode in the comments.

From transforming data with a prompt and generated code, to directly accessing and using a language model in your workflows, our AI features make automation even more accessible and efficient for anyone in your organization. Learn how you can take multi-source security alert workflows from 25 actions to 3, reducing the potential for error and making it simpler to make updates like adding sources, change rule definitions, and more.

In this video, we'll take a look at some basic navigation around being a admin within Tines.

On today's episode, Michael Tolan from the Tines labs team is taking us through this enrichment workflow. Recorded Future is our long-time threat intel partner and has been the leader in that space for years now. This will give you some insight into how we work better together.

Rosie Halpin, Product Manager, will dive into how you can use powerful, intuitive case management in Tines to investigate, remediate, and report on security incidents. She’ll walk through how cases powers security teams to respond to events by: Join us to learn how you can build on top of your existing powerful automations in Tines with cases.

In today’s Friday Flows, Conor Dunne, from the Tines Labs team, walks us through a new story using AI to create cases and act on CrowdStrike alerts. As is the case with many alerts, there’s a lot of information, but it’s not always very clear. He first uses AI to simplify & normalize the data. Once that is done & a case is created, we can also use AI to act as a security analyst and respond with one of four actions: Suspend a user account Isolate a host Block a URL Alert the security team using PagerDuty.

We're excited to bring you another workflow from the Tines library and to introduce your new Friday Flows host Cameron Higgs! The legendary Blake Coolidge is handing over the reins for a season but he'll be back on your screens before too long. In this episode, Conor Dunne walks Cameron through a workflow that pulls leads related to the Amazon Web Services (AWS) environment flagged by Hunters and searches for users with unauthorized permissions.