At the RSA Conference this year, it seemed that every cybersecurity company had suddenly become an agentic AI company. According to such vendors, AI agents were the solution to every security problem keeping CISOs up at night.
The audience, however, was understandably skeptical. Concerns over vendor promises fell into two camps.
The first camp: companies that took whatever AI capabilities they had and slapped the word ‘agentic’ on them (aka ‘agent-washing’).
Or even worse: vendors who were explaining how useful it would be to have autonomous, AI-empowered programs that would learn on their own, potentially running rampant around sensitive IT systems.
The reality, of course, is that no SecOps team can afford to have agents that might misbehave, despite the promise that agentic AI can lighten the load on overburdened security analysts.
Tines has resolved this conundrum. By integrating AI agents within the context of its intelligent workflows platform, Tines empowers analysts to leverage agents to improve results and get their jobs done more quickly – without worrying about agents going off the rails.
Combining workflow automation and agentic AI to address SecOps challenges
Workflow automation has been an important tool for security analysts for years now. Whenever analysts find themselves repeating a sequence of tasks, creating an automation that executes those tasks instead saves time and reduces human error.
Such automations are deterministic, meaning that for a given set of initial conditions, the resulting behavior of the automation will always be the same, making them predictable – but also inflexible.
Agentic AI, in contrast, is non-deterministic. Agents can take action on their own to explore possible solutions to each problem by querying different data sources or interacting with other agents by iterating on problems to find the optimal solutions.
Both forms of automation are important, but ultimately incomplete on their own when you think of the evolution of workflow automation and where it stands today.
To this end, Tines combines both deterministic workflow automation and non-deterministic agentic AI while leaving the human analyst in control.
In fact, incorporating agents into SecOps workflows to address security challenges while remaining firmly under the control of security analysts is Tines’ fundamental innovation.
Integrating LLM control into the Tines platform
The secret to this combination of deterministic and non-deterministic automation is how Tines provides different levels of LLM control over SecOps workflows: deterministic, human-led, and agentic.
In many cases, a workflow is broadly deterministic, tackling one task after another as per its pre-defined logic. However, at certain steps in the process, an agent can take over to answer a question, resolve an issue, or perhaps perform a more complex task involving multiple systems or other agents.
Sometimes this non-deterministic behavior is advantageous, say when the AI agent is trying to solve a novel problem. In other situations, however, deterministic, predictable behavior is better suited.
When the workflow calls upon an AI agent to complete a task, the resulting agentic behavior follows two basic patterns: monologue or dialogue.
Agents might follow an internal monologue, working to achieve their goals by acquiring data and performing reasoning. Such monologues are both fully automated and non-deterministic.
Alternatively, agents may need to engage in a dialogue with a human analyst or even a business user, supporting them as they work to resolve issues, which Tines calls ‘human in the loop.’
Even when an AI agent is behaving non-deterministically, security analysts may want to interact with it – either to give it additional information, or to work with it to solve a problem.
In other words, Tines empowers security analysts to incorporate the appropriate agentic behavior into workflows, even when the rest of the workflow is deterministic.
As a result, the agents built in Tines give analysts the power to build intelligent, context-aware workflows that can act independently or collaborate with analysts in real-time when necessary.
Meanwhile, the analysts always remain in control, implementing the right level of AI involvement for each workflow.
The Intellyx take
Tines has fully integrated AI agents into its existing intelligent workflows platform – a platform that already offered straightforward automation capabilities to analysts of various skill levels.
The addition of AI agents extends Tines’ reputation for usability. Just as with its deterministic workflows, creating and configuring agents in Tines is dead simple, as is building them into existing or new workflows.
With Tines agents, analysts can implement intelligent, context-aware workflows that can act independently when appropriate while collaborating with analysts in real-time.
Analysts choose the level of AI involvement for each workflow, aligning their organization’s deployment of AI with whatever security requirements or operational needs they might have.
The incorporation of agents into Tines workflows opens up new opportunities for automation. Analysts can now create new workflows that wouldn’t have been possible to execute manually.
Agents, after all, are extraordinarily powerful, and will only become more powerful over time. With Tines, this power will always remain focused on addressing each organization’s cybersecurity requirements.
Copyright © Intellyx BV. Tines is an Intellyx customer. Intellyx retains final editorial control of this article. No AI was used to write this article.
Explore the ability to build Agents in Tines.