Tines has established itself as a player in the security automation space. The company provides a no-code automation platform that empowers security, IT, and operations teams to streamline workflows, respond to threats, and manage incidents with speed and efficiency. By eliminating the need for complex coding, Tines enables organizations to automate repetitive tasks and focus on high-impact security initiatives.

Founding Date

Feb 1, 2018

Headquarters

Dublin, Ireland

Total Funding

Series C

Status

Private

Stage

$271.2M

Employees

456

Careers at Tines

Memo

Updated

August 7, 2025

Reading Time

26 min

Thesis

In an evolving digital environment, security threats have grown both in scale and sophistication, stressing the limits of traditional security operations. In 2023, global cybersecurity spending reached around $219 billion and is projected to hit $300 billion by 2026 as businesses continue to invest heavily in safeguarding digital assets. The growth of connected devices fuels this demand for security solutions. As of 2023, there were 15 billion IoT devices worldwide, and this number is projected to exceed 30 billion by 2030. Each one is a potential entry point for malicious actors.

Managing this landscape of threats is challenging enough, but a persistent shortage of qualified security professionals exacerbates the issue. There was a global shortage of 3.4 million cybersecurity professionals in 2022, underscoring the extent to which companies must do more with less. These professionals also need to manage an ever-growing number of products, with one estimate putting the number of different products the average security team manages at 77, and with “some in the hundreds.” These factors are driving companies to automate more security workflows, with a 2023 survey finding that 80% of security leaders planned to boost spending on security automation technologies.

Security Operations Centers (SOCs) also face an overwhelming volume of alerts. One study from March 2022 found teams receive an average of 174K alerts per week, yet can only physically review a tiny fraction. If 76.8% of those alerts are false positives and investigating each alert takes 20 minutes, then over 44K hours a week are spent on chasing bugs that do not actually exist. In a March 2025 study, 83% of security professionals reported alert fatigue from the constant SIEM/monitoring alarms.

Tines is a company focusing on security automation, providing a platform that allows security teams to automate repetitive tasks without writing code. Its drag-and-drop product lets analysts stitch together alert-triage, incident-response, and other workflows across any tool that exposes an API. By lowering barriers to entry through no-code functionality and extensive integrations, Tines’ product caters to organizations of varying sizes. Tines’ long-term vision is to move beyond security workflows and apply its platform to IT operations, DevOps, and compliance workflows, too.

Weekly Newsletter

Subscribe to the Research Rundown

Founding Story

Tines was founded in 2018 in Dublin by founders Eoin Hinchy (CEO) and Thomas Kinsella (former COO, Chief Customer Officer). Both have deep cybersecurity expertise. Hinchy spent over a decade in senior security roles, beginning as a software engineer on Deloitte’s security team and later leading eBay’s and DocuSign’s European security operations, where he oversaw the response to a breach of 145 million user records. At DocuSign, Hinchy oversaw incident response and dealt firsthand with major security crises. Kinsella, who became Tines’ Chief Customer Officer in November 2022 after previously serving as its COO, similarly held prominent cybersecurity roles at Deloitte, eBay, and DocuSign. He rose to Senior Director of Security Operations at DocuSign and says he spent about 15 years protecting some of “the most attacked companies on the planet.”

Based on their experiences, the founders identified a need for flexible and effective tools to automate their work. They saw “three big problems in security: too much work, too many alerts, and not enough staff”. Existing security workflow solutions were inflexible, overly complex, and brittle, often adding more burden instead of relieving it. The founders recognized a need for a platform that could streamline thousands of daily security alerts and tasks. These pain points became the driving force behind Tines. Hinchy has expressed that Tines’ mission is to build a lightweight, robust automation platform that’s easy to use yet powerful enough to handle critical workflows so that security teams can focus on high-impact work instead of fighting through tedious manual processes.

In 2018, its first year, Tines was bootstrapped and 100% employee-owned. This was because the founders wanted to choose who they worked with, grow responsibly, and “stay laser-focused on making each and every customer successful”. In 2019, Tines landed its first enterprise customers, including a Fortune 10 company, and gained recognition as a startup to watch by an Irish business magazine. Operating lean, the founders intentionally avoided outside investment at first, relying on customer revenue to grow. Tines was profitable from day one and, in October 2019, said it was on track to 10× its revenue that year. The team remained extremely small, just five employees as of early 2020. However, after multiple funding rounds, the company had grown to over 150 employees worldwide by 2022.

Tines has expanded the executive team beyond Hinchy and Kinsella. In November 2022, Hines hired Terry Tripp as Chief Revenue Officer. Before Tines, Tripp worked at Mulesoft for over eight years, serving as its Chief Revenue Officer and later Chief Customer Officer. In July 2025, Tines hired Heather Planishek as COO and CFO. She previously served as Chief Accounting Officer at Palantir and earlier held finance roles at Hewlett-Packard Enterprise and EY.

Product

Tines is a no-code automation platform designed to let users build and run workflows for repetitive tasks without writing code. Tines focuses on enabling teams, especially security and IT teams, to connect their technology stack and automate manual processes through an intuitive, story-based interface. In practice, this means even analysts with limited programming skills can orchestrate complex workflows, because the platform’s drag and drop approach makes automation accessible to everyone “regardless of technical skill”. Tines originally gained prominence as a Security Orchestration, Automation, and Response (SOAR) solution for this reason.

One of Tines’ key differentiators is its flexibility and broad integration capability. The platform is vendor-agnostic. In Tines’ words: “if it offers an API, Tines connects with it”, allowing organizations to automate workflows across any tool or service in its stack. This API-centric design means Tines isn’t limited to pre-built connectors; it can work with both mainstream solutions and niche internal tools via REST calls and webhooks.

No-code Automation Workflows

Source: Tines

Tines organizes automation through “Stories”, or visual workflows composed of discrete steps called “Actions”. Building a workflow is an interactive, no-code process: users drag and drop actions onto a canvas to create a story. Each action is a building block that performs a specific function (such as sending an HTTP request or parsing an email) and can be configured without scripting. Actions output structured data events that can trigger subsequent actions, forming an event-driven chain. Simply put, one action’s output becomes the input (event) for the next, allowing complex logic flows to be assembled step by step. Notably, actions can run either on a schedule or in response to incoming events, enabling both scheduled tasks and real-time reactive workflows.

Source: Tines

Tines provides eight types of actions covering common automation tasks. For example, there are actions for sending or receiving emails, making HTTP requests to interact with REST APIs, performing data transformations on events, evaluating trigger conditions, and more. Each action type has specialized options: the Email actions handle IMAP/SMTP details, the Webhook action listens for inbound webhooks, etc. But all share a common interface and can pass data to one another. This uniform event-passing mechanism means users can connect any sequence of actions to craft the needed workflow logic. Tines even supports nested workflows via a “Send to Story” action, allowing one story to call another, promoting reusability and modular design. This story paradigm lets users build sophisticated automation “playbooks” by linking simple, configurable actions all through a point-and-click interface, with no coding required.

Security Automation Use Cases

While Tines is a general-purpose automation platform, it has been adopted in security operations for automating incident response and threat management workflows. Security teams leverage Tines to handle a variety of common use cases, including:

  • Phishing Email Response: Automatically ingesting suspicious emails, extracting indicators (links, attachments), checking them against threat intelligence, and responding. Tines can parse incoming phishing alerts and orchestrate a full investigation workflow. For example, isolating the sender, scanning attachments in sandboxes, blocking malicious domains, and creating an incident ticket, all without manual intervention.

  • Suspicious Login or Alert Handling: Triaging security alerts such as unusual login attempts or SIEM events. For instance, Tines can automatically enrich an alert (pulling user details, geolocation, recent activity), decide if it’s high risk, and then either remediate (lock the account, require MFA reset) or escalate to on-call staff if human review is needed. These workflows reduce alert fatigue by handling the routine checks and only involving analysts when truly necessary.

  • Employee Onboarding/Offboarding: Streamlining identity and access management tasks. When a new hire or departing employee is processed, Tines can coordinate across HR and IT systems to create or deprovision accounts, assign proper access rights, and revoke credentials automatically. This ensures security policies, like least privilege and timely deprovisioning, are consistently enforced with minimal overhead.

  • Threat Intelligence & Alert Enrichment: Integrating with threat intel feeds and external APIs to enrich data. Tines can automatically take indicators (IP addresses, file hashes, URLs) from an alert or report and look them up in various threat intel sources, reputation services, or sandbox tools. The results are fed back into the workflow to determine the next steps. This accelerates incident investigations by providing context in seconds. Tines also helps create tickets or update systems (like SIEM, SOAR, ITSM platforms) with the enriched information as part of the workflow.

Cases

Source: Tines

Cases are a solution for collaborative case management and incident tracking. A Case in Tines provides a shared workspace where team members can investigate and remediate an incident together, with the ability to comment, take manual actions, and record progress in real time. As automation runs behind the scenes, analysts can use a case to oversee the incident, attach findings, and coordinate responses within the Tines platform. “Investigate, remediate, and report on an incident in a collaborative workspace with Tines’ powerful, intuitive case management,” explains the official description.

Cases are built on Records to structure and display information from story runs. For example, if an automated story creates an incident ticket or gathers evidence, those details can be populated into a Case for analysts to review and update. This unifies automated and manual parts of an incident response: Tines can both perform the heavy automation and serve as the central hub for tracking the incident and its resolution. By using Cases, security teams can manage incidents end-to-end in one place, including automated actions, audit trail, and collaborative investigation notes, eliminating the friction between a SOAR tool and a separate ticketing system. Besides helping organizations bridge automation, it also provides a clear storyline of what happened and what’s left to do.

Integrations and Extensibility

The platform was built on the principle that any system with an API should be reachable through a Tines automation. Tines can interact with virtually any modern SaaS service, cloud platform, or internal tool by sending API calls, receiving webhooks, or using other standard protocols. A limited set of connectors doesn’t constrain users; instead, they can hook Tines into custom in-house systems or less common services just as easily as with popular tools like Slack, Jira, Splunk, etc., as long as those systems have an API or webhook capability. This vendor-agnostic approach protects future flexibility as a team changes tooling; the Tines workflows can stay in place and simply point to the new systems’ APIs.

Tines also provides a library of pre-built templates and examples. These are ready-made “stories” and action configurations for common use cases and integrations, which teams can import and adapt to their needs. For instance, the Tines Story Library includes templates for tasks like creating incident tickets in ServiceNow/Jira, disabling a user’s access in Active Directory when a threat is detected, performing VirusTotal scans on indicators, etc. By importing a template, users get a starting workflow that is known to work, so they can customize the logic rather than build from scratch. Tines has stated that “when it comes to integrations, the answer is YES – Tines works with any API”, highlighting that even beyond the provided templates, the platform can connect to virtually any external system through its configurable HTTP Request actions and other extensible action types. Additionally, for advanced use cases, Tines offers a REST API for its own platform and supports scripting (e.g., running Python code) within workflows, ensuring that power users can extend automation capabilities as needed.

Reporting and Analytics

Tines includes reporting and analytics features to help teams measure the impact of their automations and monitor workflow performance. Every action in a story can be instrumented with user-defined metrics. For example, an analyst can log how many minutes a particular automated step saves compared to doing it manually. The platform then aggregates such data into real-time reports. Tines’ reporting dashboard provides real-time visibility into workflow execution, including statistics like how often workflows run, how frequently certain branches are taken, and critically, how much time is being saved by automation at both the action and story level. This “time saved” metric enables teams to quantify ROI. Tines introduced a feature specifically to “quickly and easily calculate how much time they’re saving by automating their repetitive workloads”. In other words, organizations can generate reports showing hours of human effort eliminated per week or per month, demonstrating the value of the Tines automations in concrete terms.

Source: Tines

In addition to efficiency metrics, Tines supports creating custom dashboards and visualizations for data flowing through workflows. The platform’s Records feature allows stories to capture structured data from events (for example, logging each phishing email processed with details like sender, risk score, outcome). Teams can then build charts on this data directly within Tines. The reporting interface lets users plot records in various chart formats to visualize trends and results. These dashboards can be used to monitor operations at a glance (e.g., see the number of threats neutralized over time, or the categories of incidents handled in a quarter).

Tines also provides a Dashboard view that can combine data from multiple stories or cases, giving a holistic picture of what’s happening across the automated workflows. For example, a security team lead might have a dashboard showing open Cases (incidents) by status, counts of different alert types processed by Tines, and the cumulative time saved by automation this month. All of this is updated in real-time as the underlying stories run. These reporting capabilities ensure that automation doesn’t operate as a “black box”; stakeholders can always observe and measure the automations’ performance and outcomes, which helps in optimizing workflows and demonstrating their value to the organization.

AI-Enhanced Features

In 2024, Tines introduced native AI-powered features to make workflow automation even more powerful and accessible. Notably, Tines added an “Automatic Mode” in June 2024 for its Event Transformation action and AI Action, both leveraging large language models (LLMs) implicitly.

Automatic Model allows users to transform or manipulate data using natural English instructions instead of writing logic manually. For example, instead of crafting a complex regex or script to parse an alert message, an analyst can simply describe the desired transformation in natural language. Tines will then use AI at design time to generate the appropriate Python code for the transformation.

Released in May 2024, the AI Action is a dedicated action type that integrates directly with LLMs during workflow execution. This action can invoke a large language model (LLM) on demand, treating the AI as another step in the automation pipeline. Importantly, the AI Action is designed to be “secure and private”. With the AI Action, a Tines story could send a block of text (like an alert description) to an AI model to summarize it, classify its urgency, or extract indicators, and then use the AI’s response to decide next steps.

Source: Tines

Another AI feature Tines launched is Workbench, an AI-powered chat interface within the platform. Workbench is described as “a familiar, Tines-powered AI chat interface that allows you to take action and interact with your proprietary data in real-time”. In practice, Workbench functions like a chatbot copilot for your workflows and data: users can ask questions or give commands in natural language, and the AI (with awareness of the organization’s connected data and systems) will respond or perform actions. This feature allows ad-hoc queries and commands against automated workflows and datasets, “incorporating data from across [the] stack and taking action from a single place” in a conversational way.

Tines supports multiple AI providers, like OpenAI or Anthropic, which are configurable as “bring your own API key” integrations. This means organizations can choose their preferred LLM backend and retain ownership of the data sent to the AI.

Market

Customer

Tines’s target customer is the enterprise Security Operations Center (SOC) team, or the team of security analysts and engineers responsible for monitoring and responding to threats. However, over time, Tines’ customer profile has expanded beyond just security. In April 2021, Tines said 25% of its customers were already using it for non-security use cases and that it planned to expand its platform into additional areas like DevOps and IT.

Tines serves customers ranging from Fortune 10 companies to startups. As of July 2025, notable customers include Coinbase, Databricks, GitLab, Reddit, and more. As of April 2021, 80-90% of Tines’ business came from North America.

Source: Tines

Market Size

The security automation market was valued at around $9.1 billion in 2023 and is projected to reach approximately $27.8 billion by 2032, growing at a 13.3% CAGR between 2024 and 2032.

This growth is in part due to an increase in cyber threats; the increasing frequency and complexity of attacks (from phishing to ransomware) are pushing organizations to adopt advanced automation for faster detection and response. Additionally, shortages of cybersecurity talent are fueling demand: With an estimated 3.4 million cybersecurity positions unfilled globally as of 2022, companies are turning to automation to augment their overburdened teams.

Specific regulations (GDPR, CCPA, sector-specific rules) are also driving investment in security automation to ensure continuous compliance (e.g., automating patch management, audit reporting). Moreover, modern incident response requires speed; automation satisfies the need for faster response times that manual efforts can’t match.

Competition

Torq: Founded in 2020, Torq offers an AI-first, no-code “hyper-automation” platform that lets security teams drag-and-drop integrations and Gen-AI steps to build end-to-end incident-response playbooks. Its flagship bundle, HyperSOC + Hyperautomation, is delivered only as a cloud service. Torq raised a $70 million Series C in September 2024, led by Evolution Equity Partners, lifting total funding to $190 million. Both Torq and Tines pitch no-code security automation, but Torq positions AI as the primary decision engine inside every workflow, whereas Tines blends deterministic actions with optional AI “agents.”

Cortex XSOAR by Palo Alto Networks (Formerly Demisto): Cortex XSOAR is a SOAR (Security Orchestration, Automation, and Response) platform that combines threat intelligence, case management, and real-time collaboration. Acquired by Palo Alto Networks in 2019 for $560 million, Cortex XSOAR has been integrated into Palo Alto’s larger security ecosystem, particularly its firewall and endpoint protection solutions. Compared to Tines, Cortex XSOAR provides a significant amount of out-of-the-box tools but often requires more scripting and developer resources to customize. Tines, by contrast, takes a no-code approach, reducing the barrier for analysts to build and iterate on automated workflows without relying heavily on engineering teams.

Splunk Phantom: Phantom was acquired by Splunk in 2018 for $350 million and integrated into Splunk’s Security Operations Suite. It offers a library of pre-built integrations and playbooks for automated threat hunting, phishing analysis, and incident response. Unlike Tines, which prides itself on minimal code requirements, Phantom typically involves Python-based “Playbook” development. Splunk’s solution is robust in large enterprise environments that already rely on Splunk’s SIEM; Tines, however, may be more accessible for teams looking to rapidly deploy and maintain automation with fewer development overheads.

Swimlane: Founded in 2014, Swimlane is a SOAR platform emphasizing low-code automation alongside advanced security analytics. In June 2025, it raised $45 million in a funding round led by Energy Impact Partners and Activate Capital. Swimlane offers a broad set of modules for incident response, vulnerability management, and compliance reporting. In comparison, Tines has a no-code environment and simplified workflow-building interface. Additionally, teams can stand up end-to-end automation in days or weeks, whereas Swimlane often requires more in-depth implementation due to its flexible but heavier architecture.

Google Security Operations (Formerly Siemplify): Siemplify was acquired by Google Cloud in January 2022 for an estimated $500 million. Now integrated into Google’s Security Operations platform, it focuses on unifying threat detection, investigation, and response capabilities for cloud-based organizations. It provides strong playbook customization and threat intelligence workflows, especially for Google Cloud environments. However, it can be less streamlined for customers running multi-cloud or on-premises stacks. Tines is more tool-agnostic, integrating via REST APIs and webhooks across a wide array of products, offering more flexibility for security teams.

Microsoft Sentinel: Microsoft Sentinel is a cloud-native SIEM and SOAR solution, leveraging Logic Apps for workflow automation. It is intended for Azure-centric shops and Microsoft 365 environments; it can be less seamless for multi-cloud or heavily on-prem deployments. Tines is built to integrate quickly with any tool via APIs and webhooks, remaining cloud-neutral and approachable for security teams with diverse or hybrid infrastructure.

IBM Security QRadar SOAR (formerly Resilient): IBM acquired Resilient in 2016 and integrated it into its QRadar security portfolio. IBM’s SOAR focuses heavily on structured incident response plans and post-incident documentation, appealing to heavily regulated industries. Tines, by contrast, prioritizes an API-first, no-code experience, enabling security teams to build and customize workflows without large-scale engineering or professional services.

ServiceNow Security Operations: Built on ServiceNow’s workflow platform, Security Operations automates parts of incident management, vulnerability response, and threat intelligence. Its strength lies in leveraging ServiceNow’s extensive IT Service Management ecosystem, especially if an organization already uses ServiceNow for ticketing and IT operations. However, this integration can come with cost and complexity, as customers often need to license multiple modules and hire ServiceNow specialists. Tines, on the other hand, provides security teams with a lightweight, standalone automation layer that does not require specialized ServiceNow expertise or large-scale ITSM adoption.

Business Model

Source: Tines

As of July 2025, Tines advertises two tiers of plans:

Community Edition (Free): The community edition plan is designed for extremely small teams of three users. It supports unlimited viewers, three stories, and 5K daily events. Its purpose is to serve as an accessible starting point, enabling users to explore Tines’ capabilities without any financial commitment.

Paid plans: The pricing and specifics of these plans are not disclosed. As of June 2025, however, there are two subplans at the business and enterprise level.

The Business Edition is aimed at growing businesses that need to build, run, and monitor critical workflows. This tier expands on the Community Edition’s offerings by incorporating advanced workflow controls, AI basics, and enhanced team collaboration tools. It provides higher usage limits, with flows starting at 30 and additional thresholds for licensed teams, users, daily events, and AI action credits, as specified in Tines order forms. The Business Edition is designed to help organizations establish a robust workflow automation program within their teams or departments.

The Enterprise Edition caters to large-scale operations that require enterprise-grade features. It delivers a full suite of enterprise capabilities, including dedicated cloud tenants and enterprise tenant management, along with customizable usage limits tailored to complex operational needs. This tier is intended to empower organizations to build, run, and monitor their most important workflows across the entire enterprise, ensuring support and scalability for high-demand environments.

As of July 2025, Tines offers an early-stage company solution to companies with fewer than 100 employees, less than $50 million in venture capital raised, and less than five years old. This solution allows them to acquire a full enterprise package at a “fraction of the usual cost”.

Source: Tines

Traction

Tines has not publicly disclosed its revenue numbers. However, it revealed that it tripled its annual revenue in 2020 and, from its initial Series B raise in April 2021 to its Series B extension in October 2022, Tines saw a fivefold revenue growth and a fourfold increase in its customer base. By 2022, the company had over 150 employees worldwide, up from just 5 two years prior. Tines’ ARR then doubled year-on-year into 2023, and by early 2024, its ARR was over 200% higher than after the 2022 funding round.

As of June 2025, Tines has over 400 customers. And in February 2025, Tines stated the number of automated actions within the platform had more than tripled over the previous year, exceeding one billion tasks automated every week.

Valuation

As of July 2025, Tines has raised $271.2 million across six funding rounds. In February 2025, Tines announced a Series C raise of $125 million at a $1.1 billion valuation, led by Growth Equity at Goldman Sachs Alternatives. In April 2021, Tines announced an initial $26 million Series B raised by Addition at a $300 million valuation. Accel and Felicis led two Series B extension rounds of $55 million and $50 million, respectively, in October 2022 and April 2024. Though Tines did not disclose valuations, TechCrunch reported the post-money valuation at $423 million in the first extension and close to $600 million in the second.

Before this, Tines raised $11 million in a Series A extension from Accel in August 2020 and a $4.1 million Series A in December 2019.

Key Opportunities

Expansion Beyond Cybersecurity

Tines has successfully demonstrated its use outside traditional security operations, positioning itself for expansion into IT operations, DevOps, and compliance workflows. The platform’s flexibility allows automation in various departments, beyond SOC use cases, enabling Tines to move beyond security into areas like DevOps and IT. Hinchy notes that Tines’s no-code approach can disrupt broader enterprise workflows, not just security, which vastly expands its total addressable market. This diversification enables Tines to tap into new industries (e.g., software development, cloud operations, governance/risk), where manual processes can be automated, building on Tines’ success in cybersecurity to drive adoption in IT infrastructure, DevOps, and compliance tasks.

AI-Powered Automation and Predictive Analytics

Tines is investing heavily in integrating artificial intelligence and large language models (LLMs) into its platform to enhance automation intelligence. Fresh funding in 2025 was earmarked to “double down on R&D” for AI capabilities. In 2024, the company released AI-driven features and a Workbench chat interface to help users query data and take real-time action. By embedding AI, Tines can evolve from simple rule-based workflows to more predictive analytics and intelligent automation, identifying patterns in threats and compliance data proactively. This creates an opportunity for Tines to differentiate itself with smarter automation that adapts to emerging threats and optimizes decision-making for security teams.

International Growth & Enterprise Adoption

Tines has grown mainly in North America and has the opportunity for further global expansion. As of 2021, roughly 80-90% of Tines’ business was in North America, leading the company to establish a U.S. hub and plan aggressive headcount growth to support demand. Consistent funding has bolstered its credibility with Fortune 100 enterprises, making it easier to win large global customers. This momentum signals substantial international market potential, as rising cyber threats affect organizations worldwide. With a secure, no-code solution that reduces reliance on scarce security talent, Tines can appeal to enterprises in Europe, Asia, and other regions facing similar challenges. The security automation market itself is growing at ~13% CAGR globally, indicating ample room for Tines to expand geographically and across industry verticals.

Key Risks

Competitive Landscape

Tines operates in a crowded security automation market and faces intense competition from well-established players and platforms. These incumbents have strong brand recognition, vast enterprise sales teams, and deeply integrated solutions in large organizations. Tines must clearly differentiate its no-code, independent platform against competitors that are often more feature-rich or part of end-to-end security ecosystems. Hinchy has argued that while legacy SOAR tools are “more security-specific”, Tines offers cross-department flexibility. There’s a risk that larger vendors could copy Tines’ no-code approach or undercut on pricing (e.g., Microsoft including automation free with Sentinel). Tines needs to maintain technological leadership and demonstrate clear ROI to avoid being squeezed out by these major players with broader portfolios and bigger budgets.

Regulatory and Compliance Risks

Operating in the security and automation domain means Tines must adhere to stringent data protection and privacy regulations across jurisdictions. Laws like the EU’s GDPR and California’s CCPA impose strict requirements on how customer data is handled, stored, and processed, and non-compliance can lead to heavy fines or bans. Tines processes potentially sensitive security data and personal information through its workflows, so any misstep (e.g., a breach in Tines’ cloud service or improper handling of EU residents’ data) could not only result in legal penalties but also erode customer confidence. The company has taken steps to mitigate this; for instance, Tines achieved SOC2 compliance and allows customers to store and process data on their own infrastructure to maintain control. However, as Tines expands globally, it must keep pace with evolving laws, from Europe’s NIS2 and AI Act to sector-specific cybersecurity mandates (financial, healthcare, and federal government standards). Regulatory changes could necessitate costly adjustments or limit Tines’ cloud-based offerings in certain regions. Furthermore, Tines’ use of AI introduces compliance considerations: ensuring AI decisions are auditable and avoiding any bias or unlawful processing of personal data. In summary, compliance risk is twofold: Tines must maintain its own platform’s compliance and also help customers meet their regulatory obligations (e.g., by providing audit logs, data safeguards), or else risk losing business in highly regulated industries.

Weekly Newsletter

Subscribe to the Research Rundown

Summary

Founded in 2018 by Eoin Hinchy and Thomas Kinsella, Tines has established itself as a player in the security automation space. The company provides a no-code automation platform that empowers security, IT, and operations teams to streamline workflows, respond to threats, and manage incidents with speed and efficiency. By eliminating the need for complex coding, Tines enables organizations to automate repetitive tasks and focus on high-impact security initiatives.

Operating on a subscription-based model, Tines offers flexible pricing tiers to accommodate startups, mid-sized businesses, and large enterprises. Its emphasis on product-led growth and intuitive, user-friendly automation workflows has driven widespread adoption across various industries beyond cybersecurity, including IT operations and compliance. However, the company faces competition from established security automation players such as Palo Alto Networks’ Cortex XSOAR and Splunk SOAR. Key challenges for Tines include differentiation in a competitive ecosystem where companies increasingly offer embedded automation features and increasing regulatory changes with the introduction of AI into mainstream products.

Important Disclosures

This material has been distributed solely for informational and educational purposes only and is not a solicitation or an offer to buy any security or to participate in any trading strategy. All material presented is compiled from sources believed to be reliable, but accuracy, adequacy, or completeness cannot be guaranteed, and Contrary LLC (Contrary LLC, together with its affiliates, “Contrary”) makes no representation as to its accuracy, adequacy, or completeness.

The information herein is based on Contrary beliefs, as well as certain assumptions regarding future events based on information available to Contrary on a formal and informal basis as of the date of this publication. The material may include projections or other forward-looking statements regarding future events, targets or expectations. Past performance of a company is no guarantee of future results. There is no guarantee that any opinions, forecasts, projections, risk assumptions, or commentary discussed herein will be realized. Actual experience may not reflect all of these opinions, forecasts, projections, risk assumptions, or commentary.

Contrary shall have no responsibility for: (i) determining that any opinions, forecasts, projections, risk assumptions, or commentary discussed herein is suitable for any particular reader; (ii) monitoring whether any opinions, forecasts, projections, risk assumptions, or commentary discussed herein continues to be suitable for any reader; or (iii) tailoring any opinions, forecasts, projections, risk assumptions, or commentary discussed herein to any particular reader’s objectives, guidelines, or restrictions. Receipt of this material does not, by itself, imply that Contrary has an advisory agreement, oral or otherwise, with any reader.

Contrary is registered with the Securities and Exchange Commission as an investment adviser under the Investment Advisers Act of 1940. The registration of Contrary in no way implies a certain level of skill or expertise or that the SEC has endorsed Contrary. Investment decisions for Contrary clients are made by Contrary. Please note that, although Contrary manages assets on behalf of Contrary clients, Contrary clients may take any position (whether positive or negative) with respect to the company described in this material. The information provided in this material does not represent any investment strategy that Contrary manages on behalf of, or recommends to, its clients.

Different types of investments involve varying degrees of risk, and there can be no assurance that the future performance of any specific investment, investment strategy, company or product made reference to directly or indirectly in this material, will be profitable, equal any corresponding indicated performance level(s), or be suitable for your portfolio. Due to rapidly changing market conditions and the complexity of investment decisions, supplemental information and other sources may be required to make informed investment decisions based on your individual investment objectives and suitability specifications. All expressions of opinions are subject to change without notice. Investors should seek financial advice regarding the appropriateness of investing in any security of the company discussed in this presentation.

Please see www.contrary.com/legal for additional important information.

Authors

Vardan Sawhney

Senior Fellow

See articles

© 2025 Contrary Research · All rights reserved

Privacy Policy

By navigating this website you agree to our privacy policy.