In the world of online design and visual communication, Canva stands out as a creative powerhouse. But behind the scenes, the global company is equally dedicated to protecting its most valuable asset: its employees’ digital identities.
There are two keys to being able to do this successfully, as it’s no small task in a complex and evolving threat landscape:
- The quality of Cybercrime Analytics used to inform action by security teams
- The efficiency of threat response
Recognizing this, Canva powers its efforts with the SpyCloud + Tines integration, informing responses with SpyCloud’s Cybercrime Analytics and leveraging Tines’ automated workflows as the driving forces behind its employee protection.
A little background
Canva has been a SpyCloud customer since 2022, leveraging SpyCloud Enterprise Protection to protect the accounts of their global employees and customers, gain visibility into threats to employee identities, and identify risks associated with third-party systems and unmanaged devices.
“Having accurate, insightful data from SpyCloud on potential cyber threats empowers my team to proactively protect employees, not just react to breaches. In my mind we’re not just protecting our team, we’re building a resilient security culture. SpyCloud’s data makes us prepared and confident in our ability to face any threat.”
-Jasmina Zito, Cyber Threat Intelligence Lead, Canva
How the SpyCloud and Tines integration works
Tines is an incredibly helpful product for building cybersecurity workflows without requiring complex code. Customers build no-code, automated workflows in Tines that combine SpyCloud’s recaptured darknet data with other security tools like IAMs, TIPS, and EDRs to enhance the incident response process.
“At SpyCloud, we believe that every customer should be able to easily use our Cybercrime Analytics to protect their employees from targeted cyberattacks – without having to invest so much time in writing code and manually verifying and escalating threat incidents,” said Jacob Wagh, Product Leader at SpyCloud. “That’s why we teamed up with Tines. Tines shares our commitment to making security protection more approachable, and their innovative technology provides the perfect environment for Cybercrime Analytics to shine.”
SpyCloud’s integration with Tines streamlines workflows for incident response, improving the protection and response to any threats across the ever-growing attack surface. Customers who leverage the integration can automate security responses with pre-built and customizable Tines Story templates that use SpyCloud recaptured breach and malware records.
SpyCloud customers can use Tines to gather new breach data for your watched domains and either build new cases or add alerts to existing cases.
Examples of SpyCloud workflows built into Tines Stories
Security teams often use Tines to segment automated workflows based on the type of data they’re ingesting from SpyCloud, to accomplish things like:
- Tailored response: Responding to SpyCloud breach and malware records for employees differently than the steps involved for remediating exposed customer credentials.
- Granular triage: Segmenting SpyCloud notifications into workflows based on details found in the malware records - like device type and operating system - to make sure teams can complete comprehensive Post-Infection Remediation steps.
- Case management: Detect new SpyCloud breach records and generate cases in Tines, if they don’t already exist.
- Proactive notification: Alert users in tools like Slack if their email was detected in a newly published SpyCloud breach record.
What Canva’s automated threat response workflows look like, powered by SpyCloud and Tines
By leveraging Tines’ robust, no-code automation capabilities, Canva efficiently streamlines and consolidates SpyCloud’s Cybercrime Analytics into workflows that proactively detect and monitor for compromised employee credentials and account takeover risk. Here’s a look at some of the steps Canva uses in their workflow.
Canva + SpyCloud + Tines workflow details
STEP
Ingest SpyCloud data into Tines
Canva configures SpyCloud API credentials using Tines connectors to set up an integration and schedule regular data pulls from SpyCloud.
PRO TIP: Given that SpyCloud releases new breach and malware data daily, you can configure it accordingly to incorporate the latest information into your dataset.
STEP
Automate rules for malware and third-party application breach records
Canva implements conditional logic within Tines to filter SpyCloud malware records and third-party application breaches. They leverage Tines’ automation capabilities to analyze and categorize threats based on predefined criteria, removing non-critical alerts, and triggering two different workflows based on the data type.
STEP
Transform SpyCloud data for a case management system
Canva uses Tines to map relevant fields from SpyCloud to the corresponding data fields within their case management system, calling SpyCloud’s API for any necessary enrichment steps to enhance the context of the breach or malware data.
STEP
Ingest SpyCloud data into a case management system
Canva defines workflows within Tines to seamlessly push the SpyCloud data into their case management tool of choice, ensuring data integrity at every step.
STEP
Notify security operations via Slack
Canva uses Tines to send a summary of the newly created case to Slack to notify their security operations team.
STEP
Escalate incidents based on predetermined criteria
Canva uses Tines to analyze incoming data for threat indicators and pages a team member to escalate the created case and ensure a timely response.
STEP
Monitoring and optimization
Canva regularly monitors the workflow’s performance and confirms active credentials and authentication methods for secure data transfers between SpyCloud, Tines, and their case management tool. Adjusting filters and criteria as needed helps them adapt to the evolving threat landscapes.
This workflow is just one example of how Canva consolidates multiple data points to make smart decisions and support their overall security goals.
“Tines’ no-code approach paired with SpyCloud employee data means we can spend more time analyzing and combating threats, and less time on operational toil. It’s had a huge impact on our efficiency and outcomes.”
-Jasmina Zito, Cyber Threat Intelligence Lead, Canva
The synergy between Tines and SpyCloud equips Canva with a proactive approach to cybersecurity, enhancing its ability to detect, mitigate, and respond to security incidents effectively. Integrations with tools like Tines and a case management system do a lot to optimize workflows and put next-generation threat intelligence to use. Canva’s example of integrating SpyCloud data is just one of many that showcase the sophistication of our customers as they work to defend against the latest threats to employee identities and corporate data.
Learn more about SpyCloud integrations
SpyCloud’s extensive integrations with key vendors across the entire security landscape deliver actionable, next-gen intelligence to power your efficient response against next-gen threats. SpyCloud customers continue building interesting workflows within Tines and are responding to our improvement in daily malware records. Be on the lookout for more published Tines Stories using SpyCloud data to protect against and respond to malware exposures, even for third-party-hosted applications.
Get started today
- Want to collaborate in real time to design stunning visuals using easy-to-use templates? If you’re not using Canva within your organization, try it out!
- To get started with a free trial and experience the power of automation with Tines, explore SpyCloud's published Stories or start creating your own response.
Ready to layer next-gen intelligence into your workflows to better defend against evolving cyberattacks? Learn more about SpyCloud Enterprise Protection and integrations.
