Tines today added an artificial intelligence (AI)-powered chat interface to its no-code platform to automate cybersecurity workflows.
Tines Workbench uses several large language models (LLMs) to make it easier for cybersecurity teams to organize a set of tasks using a natural language interface, said company CEO Eoin Hinchy.
Tines has previously enabled cybersecurity teams with little or no programming experience to use a platform that exposes a graphical user interface (GUI) through which tasks can be automated in real time. The Workbench plugin democratizes security automation by making querying, aggregation, and analysis easier.
Meanwhile, Tines Workbench includes built-in guardrails to avoid hallucinations and reduce the possibility of misleading answers in response to summary requests, for example, Hinchey noted.
The overall goal, he added, is to make it easier for cybersecurity teams to extract more value from the wealth of tools they've already invested in to achieve and maintain cybersecurity without having to become agile engineers.
Overall, cybersecurity workflow automation has been applied unevenly over the years. One of the main challenges is the level of programming expertise that many platforms require. Most cybersecurity teams don't have a lot of programming skills available. Tines has addressed this problem using a set of intuitive graphical tools that call on the no-code automation engine it developed.
Hinchey said generative AI now provides an alternative interface that will make Tines' core automation framework more intuitive.
In theory, this capability should make it easier for IT operations teams, for example, to understand specifically what they might need to fix to solve a cybersecurity problem.
Given the ongoing chronic shortage of cybersecurity professionals, the only way to effectively bridge this gap is to rely more heavily on automation. In theory, AI will soon make it easier to identify cyberattacks, but there is still a need for a framework to automate the deployment of the controls needed to thwart those attacks. A challenge cybersecurity teams always face is that the automation frameworks they may have previously used are often too complex. No one on the cybersecurity team has the time to master it.
One way or another, cybersecurity needs to become more automated. Time, after all, is always of the essence when there is a cyber attack. The ability to limit the scope of a cyber attack depends on how quickly cybersecurity teams respond. Most cybersecurity teams are now measured as much by their ability to respond and contain an incident as by the number of threats they thwarted in the first place.
Of course, it's not always easy to justify investing in cybersecurity during tough economic times. However, as the types of cyber attacks launched continue to grow in scale and sophistication, there is a clear need for all participants to collaborate to find a way to work smarter when every second counts.
