Contents
This month, we’ve continued to expand Torq’s offerings. Discover the new workflow templates, intelligent integrations, and utility steps — all meticulously crafted to streamline security operations and amplify your team’s impact.
New Workflow Templates
Analyze Files with CrowdStrike Falcon Sandbox or Retrieve Cached Results
Put a stop to redundant file analyses. This template checks cached results for files analyzed in the last 24 hours, delivering instant insights when available. Need fresh data? The workflow submits the file for analysis, returning a detailed report featuring MITRE TTPs, related hashes, and more.
Synchronize Torq Runbooks with GitHub Automatically
Keep your runbooks effortlessly in sync. This automation updates your Torq runbooks whenever changes are committed to your GitHub repository. As a result, you can maintain up-to-date runbooks without lifting a finger.
Create Torq Cases from Proofpoint Clicks Permitted
Phishing attacks keep on coming, but this workflow has your back. It scans Proofpoint for “clicks permitted” events, enriches URLs with VirusTotal data, and automatically opens Torq cases.
Intelligent Automation Integrations
Your favorite tools are amplified with new Torq steps.
Seven new steps for the Abnormal integration provide deeper visibility into activities like employee logins and vendor actions:
- Get Vendor Activity
- Get Employee Login Details
- Get Vendor Case Details
- List Vendor Cases
- Get Employee Analysis
- Get Employee Information
- Get Vendor Details
Gain more control with several new steps in the Elastic integration:
- Upgrade Elastic Agent version
- Unenroll Elastic Agent from Fleet
- Get Agent Details by ID
- Get Agent Details by Query
The new “Get a Pull Request” step for the GitHub integration simplifies code review workflows.
Manage identity and access with enhanced options for the Okta integration:
- Reset User Password
- Create Policy Rule
- Get Policy
- List Policies
- Set Policy Rule Status
- Revoke API Token
- List API Tokens
- List Policy Rules
New Utility Steps for Seamless Operations
Smarter tools for transforming data and processes.
Output Utils: Effortlessly transform your data and turn complex logs into actionable information with the simplicity and elegance you expect.
- CLF to JSON: Seamlessly convert Common Log Format (CLF) logs into JSON, ready for integration with SIEMs, EDRs, XDRs, and beyond.
- CEF to JSON: Easily transform Common Event Format (CEF) data into JSON, unlocking enriched analysis and compatibility across your tools.
Utils: Discover new possibilities with tools that bring clarity to network data.
- DNS Resolution: Instantly resolve IP addresses into domain names, transforming raw data into meaningful insights. Connect malicious IPs to their domains for faster detection and response, and enrich your threat intelligence with actionable details.
- CIDR Validation: Validate IPv4 addresses effortlessly, ensuring they fall within authorized ranges. Automate access controls and dynamic firewall rules and flag unexpected traffic outside defined ranges to protect your most sensitive systems — even blocking entire regions or countries with precision and ease.
Stay Ahead with Torq
This month’s updates are just scratching the surface. With new workflow templates, smarter steps, and expanded integrations, Torq continuously improves to equip your security team to get more done, faster and strategically.
Now, you can do even more with the top-tier tools you trust, such as SecurityScorecard, Autotask, BitSight, CrowdStrike, Jamf Protect, Jira Cloud, Palo Alto Networks Cortex XDR, SentinelOne, Sumo Logic, ThreatConnect, urlscan.io, and Wazuh.
Want to see it all? Dive into the Full Content Digest for details.
