Elastic and Tines team up to offer SOAR and AIOps

Today’s digital world inundates organizations with a deluge of data, alerts, and issues requiring intervention. Security analysts must tackle threats fast enough to prevent harm, while SREs and DevOps engineers grapple with identifying and resolving performance problems before users are affected. Many of these teams are understaffed and overburdened, and the nature of their work requires coordinating efforts across departments and systems.

The common thread is that practitioners must be able to analyze and act across the IT environment, without data silos or workflow breakdowns blocking the way. They require real-time insights to cut through the noise and automation to keep pace. And they need these capabilities to function seamlessly.

Elastic and Tines transform security and observability programs by augmenting Elastic’s solutions with Tines’ intuitive, AI-powered workflow orchestration and automation solution.

Elastic’s Search AI Platform provides groundbreaking log management, advanced analytics, and AI features. You can ingest and normalize information of almost any kind (including custom data in just minutes), swiftly search years of archives, and tackle use cases with machine learning (ML), alerting, and AI.

Tines enables teams of all sizes and skill sets to build, run, and monitor their most important workflows. The AI and workflow orchestration platform gives teams the tools to enrich data, add contextualization, and meet users where they are (natural language, no code, low code, or bring your own code). As a result, they get greater value and experience fewer silos from their disparate data and alerting systems.

Each platform plays a vital role. Elastic delivers real-time insights at unprecedented scale, arming practitioners to ask the right questions, receive relevant answers, and make informed decisions. Tines then propels resulting workflows — from the simplest routine tasks to the most sophisticated multi-stage, multi-system responses.

Both technologies can be deployed in the cloud or on-premises, and both smoothly scale from the needs of a start-up to the demands of a global enterprise.

Prebuilt bidirectional connections make it easy to link Elastic alerts with Tines, analyze data from Tines in Elastic, and connect many other systems in your environment.

Now for the fun part. You can quickly find and implement workflows in the Tines library, including sequences contributed by Elastic’s SOC team and other community members. Popular automations include enriching alerts, quarantining compromised hosts, and revoking privileged access.

Want to start with a blank slate? Tines offers an intuitive workflow builder that allows you to incorporate your organization’s preexisting processes.

Pair Elastic Observability with Tines Workflow Automation to prevent outages, accelerate problem resolution, and enhance operational efficiency through intelligent orchestration:

• Monitoring: Seamlessly aggregate and analyze telemetry data across your entire technology stack.

• Analysis: Enable teams to focus on service improvements by automating routine monitoring and investigation tasks.

• Resolution: Reduce downtime and service degradation through automated troubleshooting and remediation workflows.

Elastic and Tines are long-time partners, currently serving over 60 joint customers.

“Tines Workflow Automation is a force multiplier,” notes Santosh Krishnan, GM of security and observability at Elastic. “We’re glad to make this strategic offering available publicly in unison with Elastic Security and Elastic Observability.”

“The time it takes to turn insights into action often determines the effectiveness of security and observability teams,” said Eoin Hinchy, founder and CEO at Tines. “By connecting real-time analysis and AI-powered workflows, the combined offering from Elastic and Tines minimizes that time. This results in faster issue resolution, reduced costs, and, of course, less stress and workload on practitioners.”

Elastic counts on the Tines platform within its SOC. Aaron Jewitt, principal detection engineer at Elastic, estimates that it handles the workload of 95 full-time employees, explaining that “we automate many tasks that would be impossible to complete otherwise.”

Elastic and Tines are teaming up to help teams work smarter, respond faster, and achieve more. Explore our unified offering and contact Elastic to unlock the full potential of your security and observability programs:

• Experience a free trial of Elastic Cloud and connect it with Tines community edition.

• See Tines and Elastic in action in a case study webinar with Texas A&M University System Cyber Operations.

• Contact us to learn more about Elastic + Tines.

The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.

In this blog post, we may have used or referred to third party generative AI tools, which are owned and operated by their respective owners. Elastic does not have any control over the third party tools and we have no responsibility or liability for their content, operation or use, nor for any loss or damage that may arise from your use of such tools. Please exercise caution when using AI tools with personal, sensitive or confidential information. Any data you submit may be used for AI training or other purposes. There is no guarantee that information you provide will be kept secure or confidential. You should familiarize yourself with the privacy practices and terms of use of any generative AI tools prior to use. 

Elastic, Elasticsearch, ESRE, Elasticsearch Relevance Engine and associated marks are trademarks, logos or registered trademarks of Elasticsearch N.V. in the United States and other countries. All other company and product names are trademarks, logos or registered trademarks of their respective owners.