
Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Automated Alert Triage with AI Agents and Confluence SOPs

1 unique source, 1 article

Summary


Security workflow orchestration and AI platform Tines has released a pre-built workflow for automating alert triage and Standard Operating Procedures (SOP) execution. The workflow leverages AI agents to analyze alerts, locate relevant SOPs in Confluence, and perform remediation steps. It integrates with various security tools and notifies on-call teams via Slack. The workflow aims to streamline security alert handling, reduce mean time to remediation (MTTR), and ensure consistent application of security procedures. It was developed by Michael Tolan and Peter Wrenn, security researchers at Tines.

Timeline

  1. 19.09.2025 14:00 1 article · 13d ago

    Tines releases automated alert triage workflow

    Tines has released a pre-built workflow that automates alert triage and SOP execution using AI agents and Confluence. The workflow integrates with various security tools and notifies on-call teams via Slack. It aims to streamline security alert handling, reduce MTTR, and ensure consistent application of security procedures.



Similar Happenings

Automation of Pentest Delivery Enhances Security Operations

Automation is transforming pentest delivery by addressing inefficiencies in traditional reporting methods. This shift enables real-time insights, faster remediation, and standardized operations. Pentesting remains crucial for identifying security weaknesses, but outdated workflows introduce delays and inefficiencies. Automation platforms like PlexTrac streamline the process by delivering findings in real time, integrating with existing tools, and standardizing remediation workflows. This approach helps security teams act on findings immediately, accelerate remediation, and reduce manual work. Organizations adopting Continuous Threat Exposure Management (CTEM) and increasing the frequency of offensive testing benefit significantly from automated delivery. It helps cut through the noise and deliver results in real time, improving handoffs and visibility across the vulnerability lifecycle. Service providers and enterprises can gain a competitive advantage by automating delivery, integrating directly into client workflows, and driving operational maturity. Additionally, automation in pentest delivery helps in reducing the mean time to remediation (MTTR). The article highlights seven key workflows for automating pentest delivery, including creating tickets for remediation, auto-closing informational findings, sending real-time alerts for critical findings, requesting proofreading of draft findings, sending alerts when findings are ready for retest, auto-assigning findings to users, and sending finding updates to client portals. These workflows help accelerate delivery, reduce friction, and build a foundation for a modern, scalable approach to penetration test delivery.