Tines
Drag-and-drop automation for SecOps and IT that runs deterministic stories or agentic AI workflows
What is Tines?
Tines is a no-code workflow automation platform built for security, IT, and infrastructure teams that connects any tool with an API through a visual story builder. It now spans three workflow types: deterministic stories, human-in-the-loop cases, and agentic AI workflows orchestrated via Workbench and Agents. Customers like Notion, Snowflake, GitLab, Elastic, and Coinbase use it as a flexible alternative to legacy SOAR.
Security, compliance, trust, identity, privacy, and risk management platforms for businesses.
See the full Security & Compliance guide to compare more tools, buyer criteria, and related workflows.
Use cases to evaluate
Automating phishing email triage and user response
Enriching SIEM alerts with threat intel before paging an analyst
Orchestrating employee onboarding and offboarding access changes
Building agentic AI workflows that investigate and remediate cloud misconfigurations
Fit to evaluate
SOC and incident response teams replacing legacy SOAR like Phantom or Demisto
IT operations teams automating identity and access workflows
MSSPs running automation on behalf of multiple clients
Detection engineers who want a visual builder instead of YAML
Business fit
Right for you if your security or IT team wants to automate phishing triage, alert enrichment, or onboarding without writing or maintaining Python in a legacy SOAR. The free Community Edition lets analysts build production-grade stories before you commit budget. Skip if you need a general-purpose marketing or sales automation tool, since Tines is purpose-built for technical operations workflows. Also skip if your team prefers a code-first orchestration framework like Temporal or Airflow.
How to evaluate Tines
Use this category when security reviews, compliance evidence, or access controls are slowing deals or operations.
Confirm the exact workflow
Map Tines to one concrete workflow first, such as automating phishing email triage and user response. Avoid buying before the owner, trigger, output, and success metric are clear.
Check category fit
Compare evidence collection, access controls, integrations, and audit workflows.
Compare practical alternatives
Shortlist Tines against Vanta, Drata, Secureframe so the decision is based on fit, effort, and workflow ownership rather than brand recognition alone.
Validate cost and rollout effort
Community Edition is free with no credit card. Business and Enterprise plans require contacting sales for a quote; a heavily discounted Startup Program is available for companies under 100 employees, under $50M raised, and under 5 years old. Also confirm implementation time, support needs, and whether the technical setup matches your team.
Compare Tines with alternatives
Use this quick comparison before booking demos or moving data into a new system.
| Primary workflow | Automating phishing email triage and user response, Enriching SIEM alerts with threat intel before paging an analyst |
|---|---|
| Best-fit team | SOC and incident response teams replacing legacy SOAR like Phantom or Demisto, IT operations teams automating identity and access workflows |
| Implementation effort | Technical setup and maintenance profile |
| Pricing check | Free plan + paid plans |
| Closest alternatives | VantaDrataSecureframeSprinto |
Tines pricing
| Model | Free plan + paid plans |
|---|---|
| Snapshot | Community Edition is free with no credit card. Business and Enterprise plans require contacting sales for a quote; a heavily discounted Startup Program is available for companies under 100 employees, under $50M raised, and under 5 years old. |
| Checked |
Common questions about Tines
What is Tines?
Tines is a no-code workflow automation platform built for security, IT, and infrastructure teams that connects any tool with an API through a visual story builder. It now spans three workflow types: deterministic stories, human-in-the-loop cases, and agentic AI workflows orchestrated via Workbench and Agents. Customers like Notion, Snowflake, GitLab, Elastic, and Coinbase use it as a flexible alternative to legacy SOAR.
What is Tines used for?
Common use cases: Automating phishing email triage and user response; Enriching SIEM alerts with threat intel before paging an analyst; Orchestrating employee onboarding and offboarding access changes; Building agentic AI workflows that investigate and remediate cloud misconfigurations.
How much does Tines cost?
Community Edition is free with no credit card. Business and Enterprise plans require contacting sales for a quote; a heavily discounted Startup Program is available for companies under 100 employees, under $50M raised, and under 5 years old.
Who is Tines best for?
Tines fits SOC and incident response teams replacing legacy SOAR like Phantom or Demisto, IT operations teams automating identity and access workflows, MSSPs running automation on behalf of multiple clients, Detection engineers who want a visual builder instead of YAML. Right for you if your security or IT team wants to automate phishing triage, alert enrichment, or onboarding without writing or maintaining Python in a legacy SOAR. The free Community Edition lets analysts build production-grade stories before you commit budget. Skip if you need a general-purpose marketing or sales automation tool, since Tines is purpose-built for technical operations workflows. Also skip if your team prefers a code-first orchestration framework like Temporal or Airflow.
What are alternatives to Tines?
Common alternatives to Tines include Vanta, Drata, Secureframe, Sprinto, Thoropass, OneTrust.