Automating detection and response with Tines workflows and Sysdig

Sysdig and Tines have partnered to offer an integrated solution that enhances cloud security by combining Sysdig's expertise in Runtime Insights with Tines' orchestration and automation capabilities. This collaboration allows DevSecOps, Operations, and SOC teams to streamline security processes, quickly detect and respond to sophisticated cloud attacks, and adhere to the 5/5/5 Cloud Detection and Response Benchmark, which aims to detect threats in 5 seconds, triage in 5 minutes, and respond in 5 minutes. The partnership provides enhanced threat detection and automated response, allowing security teams to quickly address threats like Scarleteel while reducing human intervention. The solution also promotes flexible security workflows, simplifying the management of complex security issues. A sample workflow involves Sysdig generating an alert, followed by Tines automating the enrichment, triage, and remediation process, such as blocking a user's AWS console login if necessary. Users can explore these capabilities by signing up for Tines' always-free Community Edition.