Does anyone know of a list/can name companies that don't charge for SSO, Audit Logs[0], that have a free edition where you don't have to talk to a salesperson to evaluate etc.?
"An appraised value" could work for companies too! Though, in fairness, for many billionaires the gains are pretty explicit i.e. we know the public stock price or the 409a valuation.
Co-founder of Tines here. This is exactly why we built Tines - I spent years working in security, and tried nearly a dozen different SOAR/SOAR-like solutions and felt they all were too complicated and the "connector" model was way too hard - the integrations were all quirky and limited.
Tines is completely different - we don't rely on any prebuilt integrations - similar to Postman, if you have a curl command then you can paste it into Tines, and the response is simply the JSON from the API you're hitting - makes it a million times easier to do exactly what you want. You can then use that response in the next action. If the API is terrible (it frequently is) we've a ton of templates to help get the relevant data, and a community with experience connecting to most tools.
Would love to talk about the challenges and see if there's anything we're doing (or could do) which would have made it easier? I hope you're in a better job now anyway!
Thanks for the feedback! We've implemented a ton of features since then, most notably story history & versioning, annotations for documentation, better alerting on changes (e.g. no event in 24 hours etc.), but recognise there's still a long way to go. I'd love to hear some more feedback if you want to DM me, it sounds like the project was a bit of a horror show!
Co-Founder of Tines here, thanks for all of the very valid feedback, there’s loads to think about! I’ll respond to a bunch of the comments individually but the one thing I’d say is try it - it’s way more powerful and flexible than any of the products listed here, although it’s marketed as no-code it’s built by engineers for engineers, with tonnes of enterprise features (Retry on status, connecting to external password vaults, global functions and resources, MTLS, forms, free SSO, curl converter etc.)
As mandatum says above “The UX of Tines beats the pants off ALL of their competitors.” And we can talk about price.
Can you expand on your approach to pricing? $30k/year to only automate 10 separate tasks would be a non-starter for me. As a personal tool, the community version w/ 3 free is a nice way to demo things but too few stories to bother trying to run personal projects & conveniences on it.
My interpretation of your pricing is that you're positioning it towards businesses that only have a small number of automation targets, but those targets might have a high level of complexity & are repeated very often. At least that's the main market target that makes sense to me given the pricing model.
As a product manager in this space, this stood out to me too. If I had to speculate:
- “Low code” is the current shiny thing
- These products are not sold to engineers, they’re sold to management types
- Management will only consider bringing in low code tools, because they believe this will save money on devs in the long run
- But that’s never how things play out, and engineers get involved anyway
So by making a “low code tool for engineers”, it seems they’re acknowledging the reality of the low code space and making sure the person who ultimately has to maintain this has the tools to make them successful while doing so…while also acknowledging the reality of selling integration/automation tools in 2022.
I could be way off here, but this is the only way that positioning makes much sense.
I guess it's meant to be low-code but as engineers they understand you can't low-code your way out of everything so escape hatches or advanced settings are provided for when "low code" isn't enough.
It's usually really hard to negotiate a longer post termination exercise window as an individual, as that will have to be written into the options plan (which requires board/investor majority approval and is generally a huge legal doc written before). However a lot of strong startups these days are offering all employees with longer (e.g. >2 years) experience the opportunity to exercise for 3+ years and sometimes significantly longer.
This is quite dangerous unless you know what you’re doing, if you execute the malware then plan to throw away all equipment you’re using to analyze it. For a next-best experience, if you’re curious, you should upload one to an online malware sandbox e.g. app.any.run which allows you to interact with it, look at network traffic, inspect file mods etc. - all the fun, much much less risk and hassle!
Be careful if you're trusting any of those sandbox services for accurate results though - some malware is able to detect the VM they're running in and refuse to run the malicious payload. Often times legitimate cracks will be distributed on sources like Usenet using a "binder" to attach the malicious payload to an otherwise perfectly fine crack.
As a side note, for some reason, there's way more malware on usenet than bittorrent, I've even found it on games on major NZB sites, possibly just due to the seed counts weeding out the malicious ones via simple popularity in the public bittorrent world.
Cuckoo Sandbox is a decent self hosted tool for analysing malware. Though a complete pain to set up. Even with some of the scripts making parts of it easier.
MalwareBazaar allows users to share live samples of indicators and not just hashes/metadata associated with them which threat Intel platforms like AlienVault do. There are several differences between the two but the biggest advantage (along with providing the actual malware to you) for MalwareBazaar is that it’s higher fidelity - you will get far fewer false positives as the barrier to entry is much higher. Nobody is going to label 8.8.8.8 as malicious which happens occasionally in AlienVault. As such this isn’t really a service, it’s more a way for the more advanced threat Intel analysts and reverse engineers to share data.
I love the lure, and I respect the GitLab team for making it public, but this is a tough read - it’s putting way too much responsibility on the end-user. For example I’m a huge fan of security teams using email headers to analyze suspicious messages, but I think it’s a step too far to expect a user to ever look at an email header, no? We can hardly get regular end-users to hover over a link; encouraging them to open up email headers to see what service the mail was sent from, or to understand what a “received” message header vs an x-originating-ip means is counter-productive. Headers are hard to understand even for a security analyst, asking HR or Recruitment or Sales to analyze them and understand them feels like the red-team are underestimating how little time everyone has and overestimating how technical most employees are!
Most companies will have a firewall on their corp network so new domains, or malicious-categorized websites will usually be blocked which offers additional protection above working from home. You can obviously use an always-on-VPN for wfh companies, or tools like Cisco Umbrella, ZScaler or Netskope, but many companies haven't done that yet.
[0] https://audit-logs.tax/