Leveraging Elastic’s high-speed, cloud-scale prevention, detection, and response capabilities and Tines’ no-code automation platform, joint customers can optimize their mission-critical security workflows while responding to attacks at speed and scale within their environments.
Together, Elastic and Tines will provide security operations and response teams with all of the information they need to investigate alerts and make decisions in one place to significantly reduce dwell times, mean time to respond, and false-positive rates.
By using Elastic’s rich set of APIs, customers can build automated workflows in Tines to create security cases, perform historical searches using timelines, attach the relevant alerts to the case, and generate visualizations.
In addition, customers can add context from threat intelligence providers or take automated actions such as isolating a host using Elastic’s endpoint security integration or blocking an IP address on a firewall.
“The partnership between Tines and Elastic combines powerful workflow automation with robust, relevant data to accelerate every step of security operations from detection to remediation. Customers not only get the benefit of frictionless integrations, enabling them to gather context and automate mission-critical workflows across their stack, but they can also adapt and make real-time decisions at speed and scale,” said Eoin Hinchy, CEO, Tines.
“The duality of increased threats and limited skilled personnel demands a stronger presence of automation and integrating the best investments to optimize security workflows,” said Santosh Krishnan, General Manager of Security, Elastic. “Customers can combine the power of Elastic to search across any data source — security data, observability data, IoT data, and more — with Tines’ flexible and intuitive interface to achieve a more robust security posture that allows security teams to get more power from their existing investments.”