Home / Companies / Tines / Blog / May 2026

May 2026 Summaries

19 posts from Tines

Filter
Month: Year:
Post Summaries Back to Blog
The Spring 2026 "You Did WHAT with Tines?!" competition highlighted innovative workflows utilizing Tines to enhance operational efficiency and integrate AI into real-world processes. The overall winner was Darren Burrows of OVO, who developed O.R.B.I.T., an incident management platform that integrates Google Chat and Jira Service Management to streamline incident response with interactive features and automated updates. Additional category winners included Jillian Huizenga from Owens Corning, who created an AI-powered security query routing system to optimize SOC analyst efficiency, and Tommy Odle from Appfire, who designed a threat intelligence pipeline that automates data categorization and Jira ticket creation. Arun Murugesan from NewsCorp developed a system to manage user access revocation across multiple platforms, reducing risks associated with terminated employees. Jason Grybaitis from Nexon Asia Pacific introduced a lifecycle firewall management solution, while Ben King from the same company created a vulnerability intelligence pipeline that uses AI to deliver refined security insights. These workflows demonstrate the potential of Tines in automating complex processes and improving information management across various sectors.
May 28, 2026 980 words in the original blog post.
Network security is inherently complex, requiring teams to engage in extensive manual processes that often lead to burnout and inefficiencies, primarily due to the fragmented nature of operations between tools. The introduction of intelligent workflows represents a transformative approach to addressing these challenges by integrating AI, automation, and human decision-making to streamline and coordinate tasks across systems. These workflows facilitate faster threat response, improve consistency and accuracy by reducing human error, and enable scalability without increasing headcount. By automating tasks such as alert triage, access control, and configuration audits, intelligent workflows help network security teams manage complexity, reduce mean time to remediation (MTTR), and maintain compliance. This operational overhaul allows teams to focus on strategic, high-impact work, thereby enhancing their organizational impact and mitigating the risk of burnout.
May 27, 2026 1,107 words in the original blog post.
Incident response plans are crucial for organizations to effectively manage and recover from security incidents, yet many plans fail under real-world conditions due to being treated as static documents rather than dynamic operational systems. Key to a successful incident response plan is viewing it as an ongoing process that evolves over time, incorporating rigorous testing, automation, and integration with existing systems. Effective plans are built on specific components such as clear purpose and trigger conditions, roles defined by actions instead of titles, a severity matrix with concrete response paths, and well-documented procedures and communication protocols. Additionally, they include a robust post-incident review process with a named owner responsible for translating findings into actionable improvements. The integration of deterministic automation, AI, and human judgment into these plans ensures timely detection and response, while governance measures ensure compliance and operational efficiency. To maintain effectiveness, regular testing through tabletop exercises and live simulations is recommended, alongside a structured revision process triggered by changes in tools, teams, or regulations.
May 25, 2026 2,407 words in the original blog post.
Workflow software encompasses a variety of products categorized mainly into task tools, integration platforms, and intelligent workflow platforms, each serving distinct purposes and functions. Task and project management tools are designed for human coordination, while Integration Platform as a Service (iPaaS) handles system-to-system data movement with limited human involvement. In contrast, intelligent workflow platforms integrate automation, AI, and human decision-making to manage complex workflows across multiple teams and systems. Key considerations in selecting workflow software include security and governance features such as role-based access control, audit log retention, and compliance with regulations like GDPR and HIPAA. Workflow platforms should also offer robust integration capabilities, AI governance, and native secrets management to prevent security vulnerabilities. Understanding the specific needs of different teams, such as security, IT, or finance, is crucial in choosing the right workflow software, with the decision having significant implications on efficiency and governance across an organization.
May 24, 2026 2,334 words in the original blog post.
Intelligent workflow automation bridges the gap where traditional automation falls short by integrating deterministic steps, AI-assisted decisions, and human oversight into a single cohesive process, ensuring that tasks requiring judgment do not disrupt workflow continuity. This approach is not about increasing automation for its own sake but about selecting the appropriate execution mode for each step, providing auditability and human control where necessary. The deployment of intelligent workflows results in governance and capacity recovery, allowing teams to focus on higher-value tasks by reducing repetitive triage and exception handling. Unlike separate systems that fail to address the complexities of operational work, this architecture combines speed and control by integrating AI, deterministic processes, and human review on a single platform, as demonstrated by Tines. By doing so, it reduces exception escape rates, accelerates cycle times, and enables expansion across various departments such as security, IT, HR, and operations, with measurable outcomes like time saved and reduced vulnerability counts.
May 22, 2026 1,740 words in the original blog post.
Part three of the series on migrating to Tines Cases focuses on the operational aspects necessary for a successful transition, emphasizing the importance of stakeholder communication and change management to ensure adoption. It advises a structured approach that includes running Tines Cases in parallel with the legacy system, clear criteria for ending the parallel run, and a tested rollback plan to address potential challenges. The text underscores the need for detailed documentation and team-specific training, as well as the monitoring of adoption metrics post-migration. It highlights the significance of maintaining reporting and compliance continuity by auditing existing reports and planning for historical reporting needs. The piece concludes by indicating the next part will address security considerations and ongoing optimization post-migration.
May 21, 2026 1,326 words in the original blog post.
This blog series explores various aspects of using Tines, focusing on the migration to Tines Cases and how to optimize workflows for better efficiency and impact. It covers the preparatory steps for migration, such as communication, rollback, and compliance, and offers guidance on securing and optimizing Tines Cases post-migration. Additionally, the series delves into best practices for building and running effective workflows with Tines, discusses the role of AI-powered orchestration in enhancing security operations, and provides insights on automating beyond the Security Operations Center (SOC) to improve areas like vulnerability management, governance, risk, and compliance (GRC), and threat intelligence.
May 21, 2026 131 words in the original blog post.
Migrating to Tines Cases from a previous ticketing platform involves several critical steps, starting with establishing secure API access and choosing the right authentication method, with OAuth 2.0 preferred for its security and manageability. The process requires setting up a dedicated integration service account with minimal permissions and confirming network-level access, especially if the legacy platform is behind a firewall. Understanding API rate limits is crucial during the API-intensive migration phase to avoid disruptions caused by exceeding limits, which are often shared across all integrations. Data migration should be approached with a clear plan, focusing on migrating necessary data rather than volume, and establishing a well-defined data model within Tines to ensure efficient lookups and correlation. Migrating reference records should be lean, with the potential for a two-phase approach to backfill additional details if needed. Bi-directional sync between Tines Cases and the legacy system may be required, necessitating careful planning for field mapping, conflict resolution, and idempotency to prevent duplicate entries. Error handling, observability, and resilience are paramount, with specific strategies for managing common API failures, establishing a dead letter queue for unsynced records, and setting up alerts for integration health. Graceful degradation, load testing, and capacity planning are essential to ensure the integration can handle burst scenarios without falling behind.
May 21, 2026 4,214 words in the original blog post.
Migrating to Tines Cases involves meticulous planning and execution to ensure a smooth transition and long-term success. The process includes securing the migration infrastructure, managing credentials, and safeguarding data in transit with TLS encryption, while restricting access to migration stories and logs. Post-migration, it's crucial to retire legacy integrations and address technical debt to prevent lingering security risks and inefficiencies. Tuning alert correlation and deduplication with real-world data is an ongoing process, requiring continuous adjustments as the threat landscape evolves. Establishing robust operational monitoring from the outset is essential for tracking performance metrics and ensuring visibility into the system's health. Successful migration hinges not only on technical execution but also on managing organizational challenges, such as stakeholder buy-in and maintaining trust through a carefully phased approach. The strategic investment in a well-documented and auditable migration process pays off by ensuring a resilient and efficient case management system.
May 21, 2026 1,137 words in the original blog post.
AI adoption among security teams has become nearly universal, but the policies governing these AI applications have not kept pace, leading to challenges in management and oversight. According to Tines' Voice of Security 2026 report, nearly all Security Operations Centers (SOCs) use AI, yet many security professionals are unsure how quickly they could disable AI in the event of a security incident, highlighting the inadequacy of existing policies. Traditional acceptable use policies (AUPs) fail to address the complex behaviors and risks posed by AI systems, such as data exfiltration or unauthorized deletions. To address these gaps, the article provides a comprehensive AI policy template with 12 sections, covering roles, data classification, tool approval, incident response, and more, aimed at ensuring that AI governance is robust and actionable. The policy distinguishes between behavioral rules and technical controls, emphasizing the importance of security teams having a dedicated AI policy to manage risks effectively. It stresses the need for dynamic, trigger-based policy updates and integration with intelligent workflow platforms to transform static documents into operational workflows that enhance security and compliance.
May 21, 2026 2,235 words in the original blog post.
In 2026, the security industry is grappling with the rapid acceleration of vulnerability discovery driven by AI tools like Anthropic’s Mythos and OpenAI’s Daybreak, which has led to a sharp increase in reported vulnerabilities and is overwhelming security teams. Despite the allure of using AI to counter AI-driven attacks, the real issue lies in the gap between identifying vulnerabilities and acting on them, largely due to the constraints of legacy systems and existing operational workflows. The key to effective defense is not merely speeding up discovery but improving the design of security systems to integrate deterministic workflows that can execute automatically and consistently. This approach, as exemplified by the well-defended curl codebase, emphasizes building resilient systems that inherently reduce exploitable surfaces, rather than relying on real-time improvisation. By embedding AI in the design phase to develop smarter defenses and utilizing human oversight for critical decisions, organizations can better manage threats and maintain security without being dependent on continuous, costly AI reasoning.
May 20, 2026 1,103 words in the original blog post.
CIOs and IT leaders are facing challenges with AI adoption despite increased investments, with only 1% considering themselves mature in implementation. Organizations initially embraced AI tools to enhance productivity, which led to decentralized and unmanageable workflows. To address this, companies like Tines have appointed dedicated roles to govern AI adoption, emphasizing ownership, structure, and visibility. At Tines, Martin Maroney was appointed as the Head of Intelligent Workflows, leading to significant improvements in workflow adoption and management, with 90% of employees actively using the internally developed workflows. The key to successful AI scaling lies in creating a structured governance framework that facilitates adoption without incurring technical debt. This approach, akin to the "paved paths" concept in engineering, ensures that organizations can scale AI and automation efficiently.
May 20, 2026 908 words in the original blog post.
Tines has introduced several updates to enhance user experience, including Story copilot file attachments for easier collaboration and granular page collection permissions to facilitate team contributions with appropriate access controls. The platform's AI capabilities have been expanded, moving to a monthly AI credit model with increased capacity, and now include a new AI tenant overview for better administrative visibility. Tines has become a connector on Claude for direct system interaction from conversations, and new models like Claude Opus 4.7 and GPT-5.5 offer improved reasoning and performance. Users can also access Anthropic models via Google Vertex AI for greater flexibility. To enhance collaboration and data security, users can link cases from mentions and mark case fields as sensitive, while enhanced record retention options and custom timing schedules for dashboard snapshots improve workflow monitoring. Over 40 enhancements shipped in April aim to provide more control, flexibility, and visibility, with real-time updates available on the What’s New page.
May 18, 2026 417 words in the original blog post.
Intelligent workflows represent a paradigm shift in process management by integrating deterministic automation, agentic AI, and human-in-the-loop checkpoints to manage complex tasks across multiple systems and teams. Unlike traditional automation, which often results in fragmented and uncoordinated systems, intelligent workflows offer a cohesive and adaptive process that routes predictable tasks through rule-based automation, delegates ambiguous signals to AI for interpretation, and escalates critical decisions to humans equipped with comprehensive context. This approach addresses the shortcomings of automation sprawl, where disconnected tools and high maintenance burden prevail, by ensuring every action is logged, traceable, and reversible. Intelligent workflows are not just theoretical but are actively employed in various industries, as demonstrated by Tines' customers who achieve efficient phishing alert triage, seamless employee onboarding, and accountable AI agent oversight. By focusing on outcomes rather than tools and incorporating governance into the process, intelligent workflows enable organizations to effectively manage real-world complexities while enhancing human decision-making, ultimately bridging the gap that isolated automation systems fail to address.
May 18, 2026 1,951 words in the original blog post.
AI governance has become a crucial operational priority for organizations as they increasingly adopt AI technologies, with an emphasis on ensuring responsible, transparent, and accountable AI system behavior. The concept encompasses policies, controls, accountability structures, and workflows that govern AI system actions and manage risks throughout their lifecycle. With the rise of shadow AI, agent sprawl, and impending regulatory pressures, organizations need effective governance frameworks, such as the NIST AI Risk Management Framework, ISO/IEC 42001:2023, and the Singapore Model AI Governance Framework, to navigate these challenges. These frameworks emphasize policy documentation, risk classification, lifecycle controls, real-time monitoring, and audit trails. AI governance differs from data governance in its focus on AI system behavior and outputs, and it requires more dynamic controls for AI agents compared to static model governance. Establishing a central oversight body and assigning clear ownership for AI actions are crucial steps to bridge governance gaps and ensure compliance with emerging regulations. Organizations that integrate AI governance into automated workflows can manage AI risks proactively and efficiently, thereby supporting faster and more confident AI adoption.
May 14, 2026 2,487 words in the original blog post.
Runbooks, traditionally used as documented procedures for handling specific operational scenarios, are evolving from static wiki pages to dynamic, executable workflows that integrate with systems and AI to automate responses and improve efficiency. Despite widespread adoption of AI in security operations centers (SOCs), burnout and increased workloads persist, highlighting the need for intelligent workflow platforms that connect AI, systems, and procedures into seamless, automated processes. These platforms transform runbooks into codified decision trees that can execute end-to-end sequences, thereby reducing the mean time to resolution (MTTR) and ensuring consistency across shifts and time zones. Runbooks capture institutional knowledge, standardize responses, and create audit trails, making compliance a byproduct of operations. Automation levels range from manual to autonomous, with organizations typically starting with high-frequency, low-risk tasks and gradually increasing automation. The Tines platform exemplifies this approach by offering a governed surface for combining deterministic, agentic, and human-in-the-loop steps, which can be applied across various organizational functions such as security, IT, finance, and HR.
May 13, 2026 2,668 words in the original blog post.
The Tines Voice of Security 2026 report highlights the evolution of workflow engines from narrow backend systems to intelligent workflow platforms that govern processes across security, IT, and operations. These modern platforms handle complex, multi-step processes by maintaining state, coordinating tasks, and managing errors, thereby reducing the manual workload of security professionals, who spend 44% of their time on repetitive tasks. Workflow engines are categorized into developer-centric tools and those designed for operations teams, with the latter offering user-friendly interfaces to build workflows without needing developer intervention. Key features of advanced workflow engines include state management, event-driven triggers, rules-based routing, permissions, error handling, and audit logging. Intelligent workflow platforms integrate AI agents, support a variety of workflow types, and offer governance and compliance capabilities essential for enterprise use. Tines exemplifies such a platform, enabling operations teams to create and manage workflows through a visual, non-code interface, thus enhancing workflow accessibility and efficiency.
May 12, 2026 2,400 words in the original blog post.
Business process automation (BPA) orchestrates entire workflows across multiple systems and teams with minimal manual intervention, addressing inefficiencies that arise when humans manually integrate disparate tools and data. Unlike task automation, which handles discrete steps, BPA encompasses end-to-end processes, integrating rule-based steps, AI decisions, and human approvals. This approach is critical in managing the complexity and tool sprawl faced by organizations, as it reduces time spent on manual data routing, decreases errors, and allows humans to focus on exceptions requiring judgment. The intelligent workflow platforms facilitate BPA by connecting systems through APIs, maintaining process state, and integrating human input where necessary, ensuring that processes are not only automated but also scalable and compliant. This orchestration is particularly valuable in security, IT operations, HR, finance, and sales, where it enables seamless integration and execution of workflows, ultimately driving efficiency and reducing operational costs.
May 11, 2026 2,703 words in the original blog post.
Adopting AI in workflows requires understanding that large language models (LLMs) do not operate like traditional software, as their outputs can vary and be prone to errors or manipulation. Recognizing this, the text explores several principles for building secure AI workflows, focusing on separating trusted instructions from untrusted input, setting deterministic boundaries on tool access, applying minimal privilege to model-driven actions, incorporating human oversight at critical points, and assuming prompt injection will occur. Using Tines as an AI interaction layer facilitates implementing these principles by allowing builders to define and separate system instructions from user inputs, enforce restricted tool access, and maintain human oversight through native action types. While no single measure can eliminate risks like prompt injection, the combined approach ensures AI actions remain within a controlled and auditable framework, allowing for secure and reliable AI-powered workflows.
May 06, 2026 1,355 words in the original blog post.