Partnership
AWS × Tines
Automate cloud security with AWS and Tines
Automate cloud security
with AWS and Tines
Cloud security is a fast-changing and dynamic environment which results in many teams struggling to know what is serious and what is noise.
Tines, built exclusively on AWS, helps teams quickly remediate known threats while effectively triaging the new. Providing a user friendly interface to build automation Stories, teams are able to quickly create new workflows, utilizing native AWS APIs to create solutions based on their team’s needs. Tines also is packaged with thousands of Action templates to utilize threat detection services outside of the AWS ecosystem.
Tines allows AWS customers to...
Automate
security alerts management
Streamline
incident response
Improve
accuracy and remediation timelines
Use case examples
Sysdig Cloud Detection, Document with Jira, and Respond with Tines
This story recieves Sysdig Kubernetes threat alerts through the webhook integrations. The story then retrieves asset information sysdig . Tines calls on Jira to documents each alert for tracking purposes. The story will take steps in to executing response automated workflows based on the alert type.
Community author
Manuel Boira at Sysdig
Detect and Enrich Sysdig Alerts with Risky User with Greynoise and Deny User from AWS Console Login
This narrative begins by receiving Sysdig Cloudtrail alerts via notification integrations. Upon receiving an alert, the system retrieves user identity information from Sysdig, utilizing it to generate a risk score. Furthermore, the story conducts an IP lookup associated with the user to ascertain its reputation. In the event of a malicious IP address, the system autonomously implements a deny-all policy, effectively blocking the user from accessing the AWS console login.
Community author
Manuel Boira at Sysdig
Create an identity federation between GCP and AWS
This story automates the identity federation between a GCP service account and an AWS IAM role. This results in an active set of AWS STS credentials that can be used to automate AWS actions using the AWS IAM role.
Community author
Marcus Hallberg at Spotify
Useful Resources
AWS security response with Tines
Learn how to automate response to AWS Security Alerts using AWS Cloudwatch and SNS together with the Tines Security Automation platform.
Leveraging AWS Lambda in Tines
Using AWS Lambda within your automation platform.
How to create a Tines Tunnel with an AWS EC2 instance
Create a Tines Tunnel so you can route traffic from Tines to a private API/network successfully.
Whether it’s EDR, traffic behavior analysis, firewall management, IDS, phishing simulations, or anything else we use, Tines is very easy to plug into everything, get the alerts we want, and have it process them. That takes hours off our work.
Joel Perez-SanchezSecurity Engineer
Tines is very intuitive in pretty much every aspect; the platform is just really easy to use, so it does a really good job at saving time. The time saved pays for itself, in my opinion.
Dylan WhiteInformation Security Engineer
