Matt Muller, Field CSCO at Tines, is an expert in automating security operations to combat inefficiency and burnout. In this engaging discussion, he reveals how Tines leverages AI to streamline incident response and enhance workflow automation without coding. They explore the evolution of phishing attacks and the importance of AI in analyzing threats. The conversation also covers Tines' innovative Workbench tool, combining secure chat with automation to empower analysts in their decision-making processes. Get ready for insights on the intersection of AI and cybersecurity!
Tines alleviates SOC personnel burnout by automating incident response workflows, eliminating the need for coding and manual processes.
AI significantly enhances security operations by enabling deeper analysis of threats while also presenting challenges due to evolving cyberattack methods.
Deep dives
Automation in Security Operations
The podcast highlights the significant problem faced by security operations professionals, particularly the inefficiency and manual labor involved in responding to security incidents. Traditional Security Operations Centers (SOCs) have to meticulously research alerts, which can lead to frustration and burnout among staff. Tines emerged from this challenge as an automation tool designed to streamline alert management and lessen the burden on security teams. The company discovered that automation is not just essential for SOCs but can enhance various facets of cybersecurity, underscoring the broader need for efficiency across the sector.
AI's Role in Security Challenges
AI is revolutionizing the security landscape by diminishing knowledge constraints faced by security teams, which are often required to manage a wide array of systems with varying levels of expertise. The introduction of AI allows personnel to focus on critical tasks instead of spending excessive time on manual processes. Additionally, the podcast discusses concerns regarding attackers using AI to amplify their efforts, potentially increasing the speed and scale of cyberattacks. Security teams must, therefore, be agile and adaptable, leveraging AI to respond effectively to current threats rather than worrying about novel attack types.
CISO Adaptation to AI
CISOs are navigating the dual challenge of securing AI applications within their organizations while exploring how to use AI for enhancing security. This evolving role requires a shift from being restrictive gatekeepers to becoming enablers of safe AI integration. The discussion emphasizes that proactive CISOs are collaborating with teams to identify risks associated with AI and recommending appropriate frameworks for usage. Despite these advancements, the balance of implementing AI for defense poses high stakes, particularly regarding data protection and potential breaches.
Innovations with Workbench
Workbench is introduced as a new tool designed to enhance security operations by allowing security analysts to seamlessly interact with various data sources and tools through a chat interface. This integration enables users to conduct in-depth analyses of security alerts while maintaining the ability to trigger deterministic workflows. By connecting to these tools, Workbench increases the efficiency of incident response without the need for users to understand intricate system details. As Workbench continues to evolve, it is set to incorporate additional capabilities, broadening its use for diverse tasks beyond traditional security operations.
➡ Build, run, and monitor workflows with Tines at: tines.com
In this episode, I speak with Matt Muller, Field CSCO at Tines, about how automation and AI are transforming security operations at scale.
We talk about:
• Tines' Mission to Eliminate Manual Security Work Through Automation How Tines helps security teams streamline incident response and workflow automation without needing to write code, saving time and reducing burnout.
• Applying AI to Security Operations and Analyst Workflows How AI is used in phishing analysis, threat intel reporting, and data transformation—integrated safely into workflows using tools like Workbench with private LLMs.
• Tines Workbench and the Future of Agentic AI How Workbench combines chat with deterministic automation to help analysts take action securely, and how Tines is exploring agentic AI to take automation even further.
Chapters:
00:00 - How Tines Automates Security to Solve SOC Burnout 07:19 - The AI Arms Race: How Attackers and Defenders Are Evolving 09:08 - Why Security Still Comes Down to Workflow, Logging, and Action 13:41 - How CISOs Are Balancing AI Adoption and Enterprise Risk 17:36 - Using AI in Tines to Transform and Automate Security Workflows 20:40 - How AI Detects Business Email Compromise Better Than Rules 25:26 - From Security to Data Pipelines: Tines as Workflow Orchestration 28:59 - Inside Workbench: Secure AI-Powered Chat for Analysts 36:00 - Automating Phishing Investigations with Trusted Tool Integrations 39:19 - Where to Learn More and Try Tines for Free