Partnership

AWS × Tines

Automate cloud security with AWS and Tines

View ExamplesBook a demo

Automate cloud security
with AWS and Tines

An illustration of a tunnel connecting the sky to the ground

Cloud security is a fast-changing and dynamic environment which results in many teams struggling to know what is serious and what is noise.

Tines, built exclusively on AWS, helps teams quickly remediate known threats while effectively triaging the new. Providing a user friendly interface to build automation Stories, teams are able to quickly create new workflows, utilizing native AWS APIs to create solutions based on their team’s needs. Tines also is packaged with thousands of Action templates to utilize threat detection services outside of the AWS ecosystem.

Tines allows AWS customers to...

Automate

security alerts management

Streamline

incident response

Improve

accuracy and remediation timelines

Use case examples

Example 1

Monitor and respond to AWS EC2.19 security violations with agents and Tines cases

Monitor AWS Security Hub for overly permissive EC2 security groups and automatically investigate violations with agents. Remove unauthorized network rules while documenting all actions in Tines Cases and escalating unresolved issues via email.

Created by

André Srinivasan

Import
Example 2

Process and remediate findings in AWS Security Hub

Automatically process AWS Security Hub findings and respond to threats. Gather GuardDuty data, revoke compromised IAM sessions, block public S3 buckets, adjust security groups, and create a Jira issue for tracking.

Created by

André Srinivasan

Import
Example 3

Investigate AWS issues with CLI data using agents

Process AWS-related tickets by running specialized CLI queries that gather critical information for analysts. Format the findings into detailed notes and append them directly to the case, enhancing investigation context without manual data collection.

Tools

AWS, Tines

Created by

Michael Tolan

Import
Example 4

Create and use temporary credentials in AWS using Assume Role

Assume an AWS role, use temporary credentials to execute an AWS API call, and then perform cleanup by deleting the temporary credentials in Tines.

Tools

AWS, Tines

Created by

Kelsey Salman

Import
Example 5

Backup Tines tenant data to AWS S3

Gather tenant data from Tines. Store stories, credentials, records, resources, and templates in an S3 bucket for backup purposes.

Tools

AWS, Tines

Community author

Haley Kidd at GE Vernova

Import
Example 6

Track critical alerts for exposed AWS Keys

From the submitter: This story investigates emails sent by AWS Support to an AWS root account email address in search of critical AWS Keys Exposed alerts. Tines AI is used to parse the email and extract important information, and the story then creates a Jira ticket that is updated every time AWS sends an update.

Tools

AWS

Community author

Jaroslaw Wojciechowski at Roche

Import
View more examples

Useful Resources

AWS security response with Tines

Leveraging AWS Lambda in Tines

How to create a Tines Tunnel with an AWS EC2 instance

Whether it’s EDR, traffic behavior analysis, firewall management, IDS, phishing simulations, or anything else we use, Tines is very easy to plug into everything, get the alerts we want, and have it process them. That takes hours off our work.

Joel Perez-Sanchez
Security Engineer
OpenTable

Tines is very intuitive in pretty much every aspect; the platform is just really easy to use, so it does a really good job at saving time. The time saved pays for itself, in my opinion.

Dylan White
Information Security Engineer
KnowBe4

Automate cloud security
with AWS and Tines