June 2022 Summaries
6 posts from Tines
Filter
Month:
Year:
Post Summaries
Back to Blog
In the evolving field of cybersecurity, there is a notable trend of integrating software development principles to enhance the efficiency and reliability of security solutions, exemplified by the concept of "Detection-as-Code." This approach involves managing security detection rules for SIEM or XDR systems in a structured, code-based manner similar to software development processes, facilitating auditing and peer review through APIs and CI/CD pipelines. The sharing of detection rule ideas has become widespread on platforms like GitHub, with contributions from entities like Sigma and Microsoft, fitting well into the GitHub Flow model. The text provides a practical guide to implementing Detection-as-Code using platforms such as Elastic for SIEM, GitHub for development and CI/CD, and Tines for alert handling, emphasizing the importance of a working example to bridge the gap between theory and practice. The implementation involves configuring Elastic SIEM, developing custom rules, utilizing GitHub Actions for automated testing and deployment, and managing alerts through GitHub Issues, which allows for seamless integration with existing development workflows. The approach not only improves efficiency in managing security rules but also enhances the ability to track and modify them over time, reducing false positives and ensuring ongoing relevance.
Jun 30, 2022
1,568 words in the original blog post.
On the Future of Security Operations podcast, Thomas interviews Jack Naglieri, CEO of Panther Labs, who discusses his experiences working in security teams at Yahoo and Airbnb, the creation of the open-source tool StreamAlert at Airbnb, and the founding of Panther Labs. The conversation highlights the distinctions between Panther's cloud-native SIEM platform and traditional SIEMs, emphasizing detection-as-code, security data lakes, and the importance of focusing on security over operations. Jack shares insights on the future of security operations, the necessity for automation to tackle cloud-scale security challenges, and upcoming features from Panther Labs. The podcast also references Jack's other works, including his blog and podcast, which delve into similar topics.
Jun 21, 2022
256 words in the original blog post.
Jess Harper, a partner development manager at Tines, focuses on cultivating strategic business and technology alliances to enhance revenue growth and market presence. With a background in technology from roles at Cisco and Pure Storage, she values Tines for its innovative product, supportive people, and proactive partnership investments. Harper advises new hires to embrace the authenticity of building a company and highlights the vast possibilities for automation with Tines, encouraging creative exploration in its application. Outside work, she enjoys family activities, exploring the Carolinas, and traveling.
Jun 15, 2022
508 words in the original blog post.
Startups often struggle with security due to limited resources, making solutions like no-code automation crucial for managing risks and scaling efficiently. Tines, a company born out of the founders' extensive experience in security, has been instrumental in helping startups automate critical workflows with its no-code platform. Recognizing the need for accessible automation tools, Tines has launched the Tines Startup Program, offering a full-featured, production-grade platform at a significantly reduced cost to eligible startups. This initiative aims to support early-stage companies in achieving product-market fit and growth without the financial burden of traditional security infrastructure. The program requires startups to have fewer than 100 employees, be less than five years old, and have raised under $50 million in capital to qualify. By leveraging no-code automation, startups can stay agile and proactive in addressing security challenges.
Jun 14, 2022
473 words in the original blog post.
Tines has introduced a new Reporting feature aimed at helping users quantify the time saved through automation, enhancing the platform's value demonstration. This feature enables both customers and Community Edition users to efficiently calculate the time saved by automating repetitive tasks, such as investigating phishing emails or analyzing security alerts, which can amount to significant time savings each week. The process of calculating ROI is often challenging, but Tines' no-code automation allows users to offload and streamline tasks, making their processes more efficient. Reporting provides a transparent and trustworthy way to track time saved, as metrics are recorded in a Reporting field and displayed in an overview chart, with the underlying data provided by the user to ensure accuracy. Feedback is encouraged through the provided contact email.
Jun 07, 2022
426 words in the original blog post.
In the sixth episode of the Future of Security Operations podcast, Thomas interviews Niall Heffernan, the Head of Security at Cygnvs and a cybersecurity lecturer at the National College of Ireland, to discuss various facets of security operations. The conversation covers Niall's insights into the evolution of security operations over the past five years, his approach to building a security team from the ground up, and the role of automation in prioritizing incidents. They also explore common pitfalls in integrating automation into security programs, lessons that can be learned from software engineering, and the implications of an organization going public on its security posture. Additionally, they address the ongoing security talent shortage and Niall shares his top advice for security leaders and practitioners, along with his predictions for the future of security operations and the anticipated changes in the roles of security analysts.
Jun 06, 2022
212 words in the original blog post.