Tines is a no-code workflow automation platform for security and IT teams that uses a drag-and-drop interface to connect APIs and automate repetitive tasks with embedded AI decision-making.

What are the main features of Tines?

The main features of Tines include: Storyboard Builder (Drag-and-drop editor with 7 Action types), AI Agent Action (Embed autonomous AI agents in workflows), Workbench (AI Chat) (Query data and trigger actions via natural language), Cases (Security incident management with centralized boards and checklists).

How much does Tines cost?

Community (Free): $0, 3 builders, 3 stories, 5000 daily events. Starter Edition (New): Unquoted, for small teams. Startup Program: $5,000/year, full features. Business/Enterprise: Contact sales.

Core users are security operations teams (SOC analysts, security engineers), but it's also used by IT ops, DevSecOps engineers, and some non-security business teams.

What are the alternatives to Tines?

Alternatives to Tines include: Competes with Splunk SOAR (heavy, Python-based), n8n (open-source, general), and Zapier (connector-based, non-security). Tines differentiates with API-first no-code, native security focus, and built-in AI Agents..

Tines: The "Swiss Army Knife" for Security Teams, but Indie Devs Should Try the Free Version First

2026-02-12 | Product Hunt | Official Website

30-Second Quick Judgment

What it is: Tines is a no-code workflow automation platform built for security and IT teams. You use a drag-and-drop interface to chain various tools together via APIs, letting machines handle repetitive tasks like alert triage, ticketing, and incident response. They recently added AI Agent functionality, allowing for autonomous AI decision-making within workflows.

Why it matters: If you're building products for security ops or IT automation, you need to watch Tines. They just closed a $125M Series C led by Goldman Sachs at a $1.125B valuation, making them Ireland's newest unicorn. It represents the evolution of the SOAR (Security Orchestration, Automation, and Response) track from "writing Python scripts" to "stacking building blocks." However, if you just want simple personal automation, Zapier or n8n might be a better fit.

Three Key Questions

Is it for me?

Target Users:

Security Ops Teams (SOC Analysts, Security Engineers) — The core audience.
IT Ops Teams (Handling tickets, user provisioning, system integration).
DevSecOps Engineers.
Growing number of non-security business teams (companies like Mars and Crossbeam use it for business automation).

Are you the one?: If you spend hours every day on repetitive security alerts, manual ticket routing, or moving data between systems, you are the target user. If you're an indie dev building automation tools, Tines' philosophy (API-first + no-code + AI Agent) is a masterclass worth studying.

Common Scenarios:

Security alert arrives → Auto-enrich IOCs → Determine severity → Create Jira ticket → Notify Slack.
New employee joins → Auto-provision accounts, permissions, and hardware.
Phishing report → Auto-analyze URLs → Quarantine email → Update blocklist.
Off-label use: Auto-tweeting blog posts or simple Webhook forwarding.

Is it useful?

Dimension	Benefit	Cost
Time	Saves security teams 44% of manual repetitive work time	1-2 weeks to learn the platform, 1-2 months to master
Money	Reduces headcount needs; 1 person can do the work of 3	Free version limited to 3 stories; Paid requires sales contact; Startup Plan $5000/yr
Energy	Massive reduction in alert fatigue; 76% of security pros have faced burnout	AI credits burn fast; requires careful usage planning

ROI Judgment: For security/IT teams of 5+ people, the ROI is massive. The free version is enough to test the waters—3 stories and 5000 daily events cover basic needs. But for solo devs or small teams needing simple automation, n8n (open-source/free) or Zapier (easier entry) is more cost-effective.

Is it any good?

The Highlights:

API-First Design: Doesn't rely on pre-built integrations; if it has an API, it works. While traditional SOAR requires Python, Tines handles everything with an HTTP Request Agent.
7 Actions Solve Everything: It looks simple, but the combinations allow for incredibly complex workflows.
AI Agents in the Workflow: The 2025 Agent action lets you drop an AI Agent into the Storyboard, give it specific tool permissions, and let it make autonomous decisions.

The "Wow" Moment:

"Our experience with Tines has been nothing short of a revolution for our security operations." — User on Gartner Peer Insights

Real User Feedback:

Positive: "The simplicity of use and complexity of applications enabled by using 7 actions within Tines is incredibly helpful. There is a massive amount of use cases." — G2 User Positive: "Allows folks with little development experience to rapidly craft security automation." — Gartner User Critique: "Story licensing & how trying to split stories up to be more functionally usable creates a much larger cost." — Gartner User Critique: "Could be slightly pricey for smaller teams." — Multiple platform users

For Developers

Tech Stack

Platform Type: No-code SaaS, drag-and-drop Storyboard editor.
Core Architecture: 7 Action Types (HTTP Request, Event Transform, Trigger, Send Email, Send Message, Receive, AI Agent), API-first design.
AI Capabilities: Tines Workbench (AI Chat interface) + AI Agent Action + MCP (Model Context Protocol) support.
Security Architecture: Data stays in the stack, doesn't go to the public web, isn't used for training, SOC 2 Type 2 certified.
Infrastructure: Cloud SaaS, utilizing roughly 40 internal tools and tech stacks.

Core Implementation

Tines' core logic is replacing traditional pre-built connectors with 7 universal Action blocks. Each Action acts like a function: HTTP Request calls APIs, Event Transform handles data, and Trigger manages conditional logic. Users link these like LEGOs to create a "Story" (workflow). This design ensures compatibility with any API-enabled system without waiting for official integrations.

The 2025 AI Agent Action is a major upgrade: you can place an AI node in a workflow, assign it tools (e.g., "can add comments, cannot delete"), and let it decide the next step within those guardrails.

Open Source Status

Tines is not open source; it is a closed-source SaaS.
Official GitHub: 8 repositories, mostly small utilities (like turbo_tests).
Open Source Alternatives: Tracecat positions itself as an open-source Tines/Splunk SOAR using YAML + no-code UI; EasyFlow is another alternative.
Build Difficulty: High. A team of 3-5 would likely take 6-12 months for an MVP. The challenge isn't the tech, but covering the edge cases of thousands of APIs and the workflow engine.

Business Model

Monetization: SaaS subscription based on user count and feature tiers.
Free Tier: Community Edition (3 builders, 3 stories, 5000 daily events).
Starter Edition: Launched Feb 2026 for small teams (pricing unquoted).
Startup Plan: $5,000/year for startups, full features.
Enterprise: Custom pricing via sales.

Giant Risk

Yes, but Tines is holding its ground. Microsoft has Power Automate + Sentinel, Palo Alto has Cortex XSOAR, and Splunk has its own SOAR. Tines' edge is being "vendor-neutral"—it connects to everything, whereas giants often lock you into their ecosystem. Notably, CrowdStrike is an investor in Tines, suggesting giants prefer partnership over competition.

For Product Managers

Pain Point Analysis

Problem: Security teams spend 44% of their time on automatable manual work (Tines 2026 Report), and 76% of pros experience burnout.
Severity: High frequency (daily alerts) and high demand (structural talent shortage in security).

User Persona

Core: SOC Analysts, Security Engineers at mid-to-large enterprises (Coinbase, Databricks, GitLab, Snowflake, and Reddit are customers).
Secondary: IT Ops, DevSecOps, Business Ops.
Scenarios: Alert triage, incident response, access management, compliance audits.

Feature Breakdown

Feature	Type	Description
Storyboard Builder	Core	Drag-and-drop editor with 7 Action types
AI Agent Action	Core	Embed autonomous AI agents in workflows
Workbench (AI Chat)	Core	Natural language data queries and action triggers
Cases	Core	Incident management with boards and checklists
Pages & Apps	Extra	Custom front-end forms and dashboards
MCP Support	Extra	Model Context Protocol to connect external AI tools

Competitive Differentiation

vs	Tines	Splunk SOAR	n8n	Zapier
Core Diff	API-first no-code	Requires Python	Open-source/Self-host	Pre-built connectors
Security Focus	Native security	Security-focused but heavy	General purpose	Non-security
Pricing	Free start, Enterprise	High enterprise cost	Free (Self-hosted)	From $20/mo
AI Capability	Native Agent + Workbench	Limited	AI Nodes available	Basic AI features
Strength	Flexible, Easy, Secure	Ecosystem integration	Open, Cheap	8000+ Integrations

Key Takeaways

The "7 Actions" Philosophy: Instead of 1000 connectors, build 7 universal blocks. This lowers maintenance and maximizes flexibility.
Limited Autonomy AI: Define clear boundaries for AI (what it can/can't do) to balance deterministic logic with autonomous decision-making.
Community Edition Flywheel: Free tier → User adoption → Team viral spread → Enterprise purchase.

For Tech Bloggers

Founder Story

Founders: Eoin Hinchy (CEO) + Thomas Kinsella (CCO).
Background: Eoin spent 10+ years in security at Deloitte, eBay, and DocuSign. He personally handled the eBay breach affecting 145M users. Masters in Security Forensics + Imperial College MBA.
The "Why": At DocuSign, he saw security teams stuck in a loop of "too much work, too many alerts, not enough people." Existing SOAR tools were either too complex or too fragile.
The Best Story: In 2018, they started in a tiny office under a bridge in Dublin with 100 euros in the bank. They entered a bake-off against two companies worth $60B and $30B for a Fortune 5 pharma client. They won, and that company is still a client today.

Controversies & Discussion Points

Angle 1: "SOAR is dead, Workflow Automation is forever" — Tines is pushing this narrative, claiming traditional SOAR is too bloated.
Angle 2: Where is the line for AI in security? Tines uses "Limited Autonomy," but who is responsible when an AI makes a security decision?
Angle 3: Can Ireland keep producing $10B+ security firms? Tines is the latest unicorn, and the founders emphasize Ireland's talent and location.

Hype Metrics

PH Rank: 363 votes (Launched Feb 2026 for Starter Edition).
G2: #1 highest rating among 500+ products, 200+ reviews.
Gartner Peer Insights: 5.0/5.
PeerSpot: 9.0/10.
Search Trends: Massive spike after Series C funding.

Content Suggestions

Story Angle: "From a Bridge Office to a Unicorn: How Two Security Vets Used No-Code to Disrupt SOAR."
Trend Opportunity: AI Agent implementation in enterprise security (Tines is a pioneer here).

For Early Adopters

Pricing Analysis

Tier	Price	Features	Is it enough?
Community (Free)	$0	3 builders, 3 stories, 5000 daily events	Good for personal/small team testing
Starter Edition (New!)	Unquoted	For small teams, scaled-down full features	Good for teams graduating from Free
Startup Program	$5,000/yr	Full production-grade tenant	High value for startups
Business/Enterprise	Contact Sales	Unlimited stories, SSO, Advanced features	For mid-to-large enterprises

Quick Start Guide

Time to Value: 30 mins for basics, 1-2 days for a useful workflow.
Learning Curve: Low to Medium. No-code is intuitive, but mastering it requires understanding APIs and JSON.
Steps:
1. Sign up for the free Community Edition (tines.com).
2. Pick a template from the Story Library (e.g., "Phishing Alert Triage").
3. Connect your tools (Slack, Jira, etc.).
4. Test run and adjust parameters.
5. Enable automatic triggers.

Gotchas & Pitfalls

Story Licensing Trap: You might want to split a big Story into smaller ones for management, but each Story counts as a license. Costs can skyrocket if you over-segment.
AI Credits Burn: Workbench and AI Agent features use credits; watch your usage to avoid going over budget.
Documentation Depth: Coverage is broad but sometimes lacks the depth needed for complex, advanced logic.
Git Integration is Premium: Version control is locked behind high-tier plans, which is a pain for team collaboration.

Security & Privacy

Data: Cloud-based, but AI data stays in-stack and isn't used for training.
Compliance: SOC 2 Type 2.
Support: Dedicated Slack channels for customers with fast response times.
RBAC: Built-in role-based access control.

Alternatives

Alternative	Pros	Cons
Tracecat (OS)	Free, YAML, GitHub Actions syntax	Less mature, smaller community
n8n (OS)	Free self-hosting, huge community	Not security-specific; requires manual setup
Zapier	8000+ integrations, easiest entry	Not for security; expensive task-based billing
Splunk SOAR	Strong security ecosystem	Heavy, expensive, requires Python
Torq	Direct security competitor	Less brand recognition than Tines

For Investors

Market Analysis

SOAR Market Size: ~$1.72B in 2024, projected $3.3B-$4.4B by 2030.
CAGR: 14.3%-18.8%.
Cloud Share: 71% (2024), with cloud growth at 24.4% CAGR.
Drivers: Rising cyberattacks, talent shortage, AI-driven automation, stricter compliance.

Competitive Landscape

Tier	Players	Positioning
Leaders (Giants)	Palo Alto, Splunk, IBM	Locked into their own security ecosystems
Mid-Tier (Independent)	Swimlane, Torq, Fortinet	Vertical security automation
Challengers	Tines, Tracecat (OS)	API-first, no-code, AI-native
General Automation	Zapier, n8n, Workato	Cross-over from non-security sectors

Timing Analysis

Why Now: 99% of SOCs use AI, but 44% of work is still manual. AI Agent tech is finally ready for "semi-autonomous" ops. Traditional SOAR is too heavy for the current market.
Tech Maturity: LLM + Agent frameworks have moved past the hype into practical utility. Standards like MCP are increasing tool interoperability.
Market Readiness: High. SMB security needs are growing (targeted by the Starter Edition), while traditional SOAR only serves the high end.

Team Background

CEO Eoin Hinchy: 10+ years in security (Deloitte, eBay, DocuSign). Masters + MBA.
CCO Thomas Kinsella: Fellow security veteran.
Scale: 2 people in 2018 → 150+ in 2022 → Now US-heavy workforce.
Dual HQ: Dublin + Boston.

Funding Status

Total Raised: $272M over 6 rounds.
Latest Round: Series C $125M (Feb 2025), led by Goldman Sachs.
Valuation: $1.125B (Unicorn).
Investors: Goldman Sachs, SoftBank, Accel, Felicis, CrowdStrike, etc.
Revenue: Estimated $10M-$99M (CB Insights), ARR not public.
Growth: 3x growth in platform automation actions over the last year, now 1B+/week.

Conclusion

Tines got one thing right: they turned security automation from "scripting" into "building blocks." With the addition of AI Agents, it's evolving from a SOAR tool into the "Operating System for Security Teams." An $1.1B valuation isn't cheap, but in a $4B+ market, their position is very secure.

User Type	Recommendation
Developers	Study their API-first + 7 Action philosophy. Check Tracecat for an open-source version. Use the free tier to experiment.
Product Managers	Borrow the "minimalist blocks + universal API" design. The Community Edition flywheel is a great case study.
Bloggers	Great founder story (bridge office to unicorn). AI Agent + Security is a trending topic.
Early Adopters	Free version is enough to start. If you're a security team, the $5000/yr Startup Plan is worth it. Watch the story licensing costs.
Investors	15-19% CAGR in SOAR. Tines has strong product-market fit and high-quality clients. Watch for cross-over competition from n8n ($2.5B).

Resources

Resource	Link
Official Website	tines.com
Product Hunt	producthunt.com/products/tines
GitHub	github.com/tines
Documentation	explained.tines.com
Engineering Blog	tines.com/blog/engineering
Pricing	tines.com/pricing
Contrary Research Report	research.contrary.com/company/tines
Tracecat (OS Alt)	github.com/TracecatHQ/tracecat
Twitter/X	@tines_hq

2026-02-12 | Trend-Tracker v7.3

Tines