Operationalizing cloud security with Wiz and Tines

The Wiz and Tines partnership combines the benefits of visibility and automation, creating an improved cloud security strategy.

As cloud and AI development continues to grow and change at an unprecedented pace, organizations must prioritize securing these environments at scale. Traditional approaches to security combined with modern service ownership often led to friction across teams, with conflicting priorities and competing objectives hampering the goal of mitigating risks and managing incidents. 

To address this challenge, Wiz and Tines built a powerful partnership that combines comprehensive visibility and prioritized critical cloud attack paths with automated workflows for swift and scalable remediation. This powerful combination of features improves a business’s cloud security posture and enhances the efficiency of security operations among different teams.

The magic of the Wiz and Tines integration

Navigating cloud security presents unique challenges, from new risks to operational hurdles across security, development, and SOC teams. The integration between Wiz and Tines addresses these issues head-on. It provides an integrated platform that offers end-to-end security visibility, prioritizes critical vulnerabilities, and automates incident response. This partnership ensures that teams can focus on what truly matters — securing their cloud environments against evolving threats.

Wiz also provides cloud detection and response capabilities with the correlation of runtime events, cloud audit logs, and Kubernetes events. This rich context enables both manual and automated investigations to address security concerns swiftly. Tines complements this with its robust workflow automation platform, allowing teams to automate responses, from prioritizing security issues to managing communication through platforms like Jira, Slack, or ServiceNow. This seamless integration lets organizations proactively manage risks like vulnerabilities, misconfigurations, and real-time threats with unparalleled efficiency. As an example, customers can triage and respond to detections found with Wiz Cloud Detection and Response (CDR) and automatically create Jira tickets, tag the right service owners, and send the alert to the appropriate Slack channel, all with real-time security context.

Removing silos with democratized security

Operationalizing security across teams requires clear, prioritized security issues and automation within the triaging and incident response process. Wiz Issues combine toxic risk combinations that lead to open attack paths, helping teams see which issues to prioritize and fix. Issues are sent to Tines, where automation routes the Issue with context to service owners, creates tracking tickets, and combines Wiz context with other security sources, enabling collaboration between teams in a few ways:

  • Security context for developers. Wiz Issues combine multiple risks into a single alert, so developers understand why it’s important to prioritize and fix the security issue they received.

  • Clear prioritization for security teams. Cloud security and SOC teams can quickly understand whether the issue at hand needs to be remediated immediately or is a risk that can go into the backlog.

  • Real-time cloud visibility for SOC teams. Real-time anomalous behavior is detected through cloud logs or the Wiz Sensor and immediately sent to the alerting system the incident response team leverages.

With clear risk insights and visualizations, teams have the necessary context and actionable alerts for tackling security issues head-on. This shift in approach encourages a culture of shared security responsibility across the organization, enhancing efficiency and reducing backlogs.

Sample Use Case: Vulnerability management and issue remediation

Consider vulnerability management as an example. 

The Tines workflow listens for alerts from Wiz with risk insights. This includes all the relevant prioritization information and details about the alert. From there, the workflow automatically sends messages via your preferred chat tool (for example, Microsoft Teams or Slack). The message is delivered with one of two options for next steps: a simple prompt within the message itself, or a notification on a Tines Page. Both routes offer the user a way to open a case in their ticketing system or gather additional context. 

If the user opens a case, the workflow assigns a team and includes all the details in a human-readable format. It notifies the on-call team via a notification solution (for example, PagerDuty). 

To give others visibility into the process, you can either share the Tines Page link or add them as viewers to the Tines workflow or case. This is great for cross-collaboration or escalation; for example, it enables a message to be sent to a manager, to colleagues in your team, or to another team if a specific action is taken or an alert is raised.

Benefits of the Wiz and Tines partnership

The Wiz and Tines partnership streamlines cybersecurity in several ways:

  • Prioritization. Wiz provides a single queue of prioritized risks to allow teams to focus on the most important issues and reduce the noise. Tines empowers teams to then collaborate on the highest-impact work, while their workflows manage the rest.

  • Improved operational efficiency. The Wiz and Tines partnership automates the security incident response process, freeing up team members to focus on more strategic tasks. This helps reduce backlogs and streamline workflows across teams through clear prioritization.

  • Reduced cost. The new visibility plane allows various stakeholders to share operational responsibilities, which reduces costs associated with outages and incidents. 

  • Improved security posture. Both Tines and Wiz were born in the cloud with an open approach to integrations, which ensures all internal and external systems are protected. This helps reduce the mean time to respond and remediate (MTTR).

  • Contextualized detection and response. This partnership unlocks deeper data and insight and allows teams to assess the potential impact of a threat and respond rapidly to minimize the impact of an incident.

  • Faster deployment in the cloud. In many cases, the time to value is immediate with Wiz and Tines, with many pre-built workflows in the Tines library that can be quickly imported, so you can start running instantly with minimal configuration.

Learn more about mitigating risk

We invite you to join Mars’ Director of Security, Walter Porto, in our upcoming webinar with Tines, where he shares insights on leveraging the Wiz and Tines partnership to identify and mitigate security risks effectively. This session promises actionable strategies that you can implement within your organization.

And for more resources, visit the Tines library and search for “Wiz” or read about no-code automation for cloud security with Wiz and Tines.
