Tines (IT)
No-code AI agent builder expanding from security into IT automation
Tines is the no-code automation platform that security teams trust for high-stakes workflows and IT teams love for its elegance — a rare combination of power and simplicity that enterprise teams can actually adopt without a dedicated automation engineer.
SWOT Analysis
- Clean, no-code story builder that security and IT analysts can use without engineering support
- Strong enterprise trust: used by teams at Coinbase, Canva, and Databricks for high-stakes workflows
- Expanding from security (SOAR replacement) into IT operations — same platform, new use cases
- $1B+ valuation with $60M+ ARR validating strong enterprise product-market fit
- Human-in-the-loop steps are first-class — unlike competitors that bolt them on
- IT automation expansion: winning IT operations deals on the back of security team success
- AI story creation: LLM-generated automation workflows from natural-language descriptions
- Platform ecosystem: Tines as the automation backbone embedded in ITSM and SIEM products
- Cross-functional automation: HR, finance, and legal teams using Tines for non-IT workflows
- No built-in AI reasoning engine — relies on external LLM API calls for AI-powered decisions
- Less out-of-the-box content than Torq or Splunk SOAR for security-specific scenarios
- IT operations templates and use cases are newer and less proven than security workflows
- Enterprise compliance certifications and audit features still being expanded
- Torq competing in the same no-code security + IT automation space with deeper AI features
- Palo Alto XSOAR and Splunk SOAR building no-code interfaces to reduce security team Tines adoption
- Microsoft Power Automate winning in M365-first enterprises for IT operations workflows
- Purpose-built ITSM automation (ServiceNow, Atomicwork) defending the IT operations budget
User Sentiment
Synthesized from G2, Gartner Peer Insights, and analyst review data.
- Story-based workflow builder is the most intuitive automation UX in the market
- High-stakes security workflows run reliably — teams trust Tines for critical response actions
- Flexibility to call any API and build custom integrations without pre-built connectors
- Hands-on onboarding and white-glove customer success for enterprise accounts
- Expanding IT use cases feel natural — the platform scales beyond security organically
- No built-in AI reasoning — LLM integration requires external API configuration and prompt engineering
- Pre-built content library is smaller than legacy SOAR alternatives
- Collaboration features for teams working on the same automation story need improvement
- Debugging complex stories with many branches requires patience
Pricing & TCO
Analyst-synthesized pricing signals — directional only, contact vendor for current terms.
Starting Price
Free (5 live Stories); from $500/month (Team)
Typical ACV (Mid-Enterprise)
$30K–$150K for enterprise
Market Segments
Deployment
Key Cost Drivers
- Number of live automation workflows (Stories)
- Monthly action run volume above plan limits
- Credential store and team collaboration features in higher tiers
One of the rare vendors with a published price list — rare transparency in ops automation.
Full comparisonCustomer Profile
Typical segments
Typical buyer
Head of Security Engineering, IT Director, or VP of Operations
- 1Security orchestration and automated response replacing legacy SOAR complexity
- 2IT operations automation for alert triage, ticket management, and routine remediation
- 3Cross-team automation workflows spanning security, IT, and business operations
Future Focus Areas
Tines AI: native LLM reasoning integrated into story steps for intelligent automation decisions
IT automation library: building out a dedicated set of IT ops templates to match security depth
Collaborative automation: multi-user story editing and team-based automation governance
Tines Platform API: enabling third-party products to embed Tines automation capabilities
Analytics and ROI measurement: dashboards proving automation impact for executive reporting