Turo is the world’s largest car-sharing marketplace enabling customers to book cars whenever they want from its trusted community of local hosts across the US, Canada, the UK, and Australia. The company’s ambitious mission is to put more than 1.5 billion cars to better use through peer-to-peer sharing.
Turo’s lean security team felt the strain of needing to do more with less. They want to be as effective and efficient as possible without relying on additional engineering support.
They enlisted Tines’ no-code automation platform because it seamlessly connects systems and automates mundane tasks, increasing their impact while saving them valuable time and resources. Now, the Turo team is moving forward with confidence, knowing that as they grow, Tines is ready and capable of scaling alongside them.
What's the challenge?
At Turo, security is fundamental. As a rapidly-expanding global business, it needed to find a way to simplify alert detections and triage while deepening its network-wide defenses against malicious attacks. With its customers depending on them to protect their data, too, Turo understands that robust security is essential at every level!
Shasheen Bandodkar, an information security analyst at Turo, explains, “When I joined Turo about a year ago, we were a pretty lean team. Initially, it was all about building a baseline, and we had a lot of heavy lifting to do with different services we wanted to integrate with, different tools we were building, and external vendors.
“As part of enterprise security, I’m responsible for the email security program. There are a lot of different tools out there for email security, and we were trying to build a lean but very robust and agile program. We came across a tool, we onboarded it, and we needed automation because phishing can cause a lot of alerts, false positives, and overhead. You’re creating, managing, and triaging tickets; we needed a tool to make the process faster.”
While creating a ticket took the team approximately 15 minutes, they spent anywhere from 15 to 45 minutes triaging each phishing email.
Shasheen says, “When I learned the platform works with APIs, I wanted to go into more detail and explore Tines more.”
The team had early success automating endpoint monitoring and detection as they deployed an enterprise-level endpoint security solution at the same time. “With Tines, we have real-time visibility across our endpoints and our environment, and we get notified of anything important happening so that we can take action. Tines does a great job of identifying the key matrix or values to determine if something is actually happening on our endpoints and where we need to look, making our process very agile.”
Turo’s team had some basic automation scripts in place before introducing Tines, but they wanted a more intuitive solution. Shasheen explains, “We needed to simplify the process with an automation solution that could handle our current and future needs as we prepare to onboard multiple new tools."
With a lot of their time spent manually creating and populating Jira tickets to exchange information, the team was eager to automate as much of this process as possible.
Before Tines, anything related to enterprise security, security engineering, or even compliance was a huge overhead in terms of creating those tickets and asking different stakeholders from other teams in the org to contribute to a ticket.”
Shasheen Bandodkar, Information Security Analyst, Turo
Another significant automation win involved successfully onboarding a new MSSP.
Shasheen says, “This Story took a little longer to build, but it was completely worth it. A key part was transcribing real-time event information aggregated in our MSSP into Jira, making it visible to our team and any on-call analyst or engineer. This was a game changer; the combined effort of Tines and the MSSP is pretty awesome.”
The Turo team also built an automation workflow that connects with their vulnerability management solution to help them stay on top of AWS events, consolidate patch management efforts and consume information easily for respective stakeholders.
Shasheen explains, “Before Tines, if I wanted to relay information related to something that was happening in AWS, I had to interact with engineering, and creating that ticket was very manual. With Tines, this entire process became seamlessly automated. We get the exact information we need to share it with our team internally or, if we want to, show it to external stakeholders.”
Being fully built and run on AWS, Turo was keen to purchase Tines through AWS marketplace to speed time-to-value through simplified procurement.
Change control is one of the Turo team's favorite features, helping them segregate duties within the platform.
Shasheen explains, “With the change control feature, you can make changes to a test environment, test it, and then deploy it into production.”
Turo’s security team adopted Tines to move beyond traditional perimeter defense functions. Now, they’re planning on using it for multiple other security and IT use cases to secure their environment further.
“Building more AWS Stories is on our roadmap. One key area we’re focusing on is IDS (Intrusion Detection System). AWS has a product called GuardDuty, which identifies suspicious traffic and API activity in our AWS environment. Tines comes with pre-built workflows to enrich and auto-remediate these alerts, which we plan to explore. We have all these different events coming in from different services, so I think there is a huge use case there that we’re going to explore in 2023.”
Shasheen adds, “This year, we plan to go to the next level and focus on both detection and remediation. I think that will only bring more eyes and stakeholders to Tines.”