Material recently revamped our partner program, and we’re continuously evolving the way we deliver customer value with our partners. In fact, it’s largely the reason I joined Material last year, to help shape those integrations and stories. As a Partnerships leader, I’m always searching for valuable and insightful integration stories, and what better place to start than with our own technology stack internally? Material Security has been a Tines customer for a few years, and in late 2023 Tines became a Material Security customer. 

After talking with the Security and IT teams at both Material and Tines, two noteworthy themes emerged, and I think they’re both great blueprints for what we look for in an effective tech partnership: 

1. The platforms, individually, are really good at what they do.
2. The platforms provide benefits to both security and operational teams.

Brandon Maxwell, Head of IT, Security and Compliance at Tines summed up all these themes with one really insightful comment during our chat.

“I run a lean security organization, so any platform or product that I invest in has to help me automate, scale, and reduce overall risk. Material Security does all three.”

The Platforms Deliver on their Promises

Jesse Johnson, Staff Security Engineer who runs Corporate Security and IT at Material, (and previously an implementer of Material’s technology as a customer), told me that the best part of Material is that “it just works.” Maxwell echoed the same sentiment. 

The phrase is definitely at risk of semantic satiation, as we’ve been saying it for years now, but email remains the primary attack vector for hackers, even as we enter 2024. Having a platform in place like Material, which protects both the inbox (Phishing Protection) as well as the sensitive data inside of it (Data Protection and Identity Protection), helps enterprises cover their top security priority simply and securely. 

The Tines platform has helped both Tines’s and Material’s IT and security teams automate their response to attacks, including phishing attacks detected by Material. Both companies have connected Material to their security operations tools via Tines (Tines story library). On a call, Chris Long, Head of Security at Material, and Maxwell found that their core use case was identical at both Tines and Material. When Material opens a case to track a discovered phishing campaign, both companies pass that case information to a SIEM or SOAR platform. Further, both companies utilize the extended metadata that Material provides (attack type, detection type, affected users, affected messages, and more) to help prioritize case investigation by analysts. Chris Long noted the crucial part that Tines plays in helping him keep up with the scale of modern security operations:

“Why would I spend hours or days writing custom code when I can build a Story in Tines, and get the enrichment data I need into the open incident in a couple of minutes, in a way that’s completely reusable the next time we need it?”

Both Material and Tines “do what it says on the tin,” which comes back to the first theme: Material Security protects the cloud office, and Tines is the automation glue for security operations teams to act on those protections. Having clear and easy benefits is the jumping-off point for great partnerships.

Operational Benefits via Automation

The job of protecting corporate and customer data has never been more challenging. The changes in regulations from the SEC putting stricter requirements and much-expanded liability directly onto the back of the CISO have been much-discussed and well-documented (check out Material’s latest ask-me-anything session with insurance and industry risk leaders on the topic). These changes are just accelerating trends that we’ve seen for years, where CISOs are being asked to explain complicated security challenges to their CEO and Board Members in business terms, navigate an ever-growing list of security solutions and remain fluent with new trends in the industry, and protect company and customer data at all costs despite the new sets of risks brought on by ubiquitous cloud computing. 

In talking with Brandon Maxwell and Chris Long, it became very clear that both the Material and Tines platforms are also helping their teams ‘do more with less.’ For example, leveraging the API-first nature of the Material events engine, Maxwell pulls in very specific metadata from Material into his security operations cases to help with prioritization. He doesn’t have the team capacity to manually review every case the instant it arrives, but each case must eventually get reviewed for compliance. By specifically including information from Material about what type of attack each case represents, and how many affected messages and users are included in each case, Maxwell has built a prioritization queue concept to ensure that high-risk cases (cases affecting a specific category of user, for example) can be reviewed immediately, which other types of cases can have a slightly longer SLA. Additionally, Maxwell has built logic into his Tines implementation to automate updates back into Material as cases are reviewed; even the simple act of marking a case “reviewed and closed” and having that automatically update inside of Material saves his team valuable time without compromising security outcomes. 

Chris Long and Jesse Johnson from Material have found ways to leverage the Tines automation platform in creative ways as well, some of them not even in the security realm. For instance, Jesse has automated a number of routine IT tasks using Tines to simplify the moving parts of onboarding; critical account provisioning, device assignment and providing self-service capabilities with Slack. Tines is the fabric that stitches together systems that don't normally play nice together. Chris shared that part of the long-term plan for the security operations team includes aggregating alerts from a range of different security tools that Material has in place, and noted that the Tines platform will be the fabric that ties everything together on his side as well. Whether it’s having a properly-provisioned laptop, or ensuring that security metadata flows easily between tools and analysts, each of these workflow-driven use cases makes Material’s employees and customers safer, and helps Chris and Jesse scale their teams and meet stringent new requirements in the industry.

Bringing it all together: Partnerships are built on value and outcomes

We know that CIOs and CISOs face massive pressure to reduce the number of tools in their technology stack (Gartner), and yet as discussed above, face increasing penalties (both professional and personal) if a security incident happens under their watch. The only way forward is to have security platforms that integrate well and actually drive operational efficiencies along with security outcomes.

When looking at making investments in security, the Material and Tines teams both realized that their requirements couldn’t be met by point solutions. API-first architectures, seamless and simple scalability, and a drive for automation were the critical design requirements that both platforms met. Detecting and responding to bad actors is at the core of both platforms, but there’s an incredible amount of value in finding additional creative use cases to help keep customer data safer and make operational teams more effective. 

Hearing the real-life use cases from both Material’s and Tines’ security teams made me realize that this is a partnership based on tangible, valuable outcomes. This is what excites me about the future. Look for more from Material and Tines in the coming quarters, as we continue to work more and more closely together to bring cloud office security and security automation solutions to market.

Want to learn more? See how you can partner with Material or Tines.