Torq’s No-Code Security Automation Solution Now Available in AWS Marketplace
By Torq
November 21, 2022
2 Minute Read
Torq is proud to announce the immediate general availability of its no-code security solution in AWS Marketplace, the curated digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).
Torq’s presence on AWS Marketplace streamlines and shortens the procurement process to handle the exponentially-increasing demand for our solution serving Fortune 500 enterprises to fast-growing medium-sized companies and small innovative businesses across every industry vertical.
Our availability on the AWS Marketplace, as well as private offers, provide Torq the flexibility to customize our offering for AWS-based cloud-native customers, while ensuring the smoothest purchase and deployment processes possible. This reduces overhead and complexity for Torq and its customers alike.
An improved vendor onboarding process, resulting in a 75% reduction in onboarding efforts for new vendors
Reduced time processing invoices, leading to a 66% reduction in time spent due to procurement efficiencies
Increased licensing flexibility, leading to a 10% reduction in licensing costs
With Torq in AWS Marketplace, it has never been easier for customers to rapidly access and implement our industry-leading solution to ensure the strongest security posture possible against all cyberthreats. Learn more and purchase Torq in AWS Marketplace
Torq Announces Advisory Board Featuring Global Cybersecurity Visionaries
By Torq
November 21, 2022
4 Minute Read
Torq Announces Advisory Board Featuring Global Cybersecurity Visionaries
Torq is extremely proud to announce the formation of the Torq Advisory Board, a group of some of the world’s most respected cybersecurity professionals, including several industry-leading CISOs and heads of information security. All of our advisors have made major impacts in cybersecurity for their companies, and for the industry at large. They have strongly advocated leveraging cutting edge technologies to drive greater effectiveness and productivity across organizational cybersecurity ecosystems, positively impacting systems, processes, and people.
Our Advisory Board is helping guide Torq as we further expand our Security Automation offerings and capabilities, serve more and more global enterprises, and continue to integrate the majority of cybersecurity systems into our platform.
Members of the Torq Advisory Board include:
Jason Chan, Former VP of Information Security, Netflix
Jason has more than 20 years of experience working in cybersecurity, including adopting security automation, cloud security, and enhancing security in modern software development practices. Jason’s most recent career experience was leading the information security organization at the video streaming behemoth Netflix for more than a decade. His Netflix team set the bar extraordinarily high, focusing on sophisticated risk assessment and management, and compliance management strategies and approaches.
Talha Tariq, CISO, HashiCorp
In his role at HashiCorp, Talha is responsible for protecting the security of his company, customers, and partners as it provisions, secures, connects, and runs cloud infrastructure for their most important applications. He has 15 years of experience building and scaling security programs from startups to Fortune 100 organizations. Prior to HashiCorp, Talha served as CISO at Anki where he was responsible for corporate information security, product and application security, privacy engineering, security operations, and incident response. Talha also served as Director of Security Consulting at PwC, advising clients across a range of industries on matters related to data breaches, hacking events, security program development, and threat assessments.
Yaron Slutzky, CISO, Agoda
Yaron is responsible for security at Agoda, one of the world’s fastest growing-online travel booking platforms. From its beginnings as an e-commerce start-up based in Singapore in 2005, Agoda has grown to offer a global network of two million properties in more than 200 countries and territories worldwide. It provides travelers with easy access to a wide choice of luxury and budget hotels, apartments, homes, and villas. Headquartered in Singapore, Agoda is part of Booking Holdings and employs more than 4,000 staff in more than 30 countries. Prior to Agoda, Yaron was CISO at Cellcom, and Information Technology Director at Numark Innovations.
Bill McKinley, CISO, SigFig and former Head of Information Security at The New York Times
Bill serves as CISO for SigFig, an enterprise financial technology firm that develops next-generation products for financial institutions, advisors, and their customers. Through its partnerships with financial institutions including Wells Fargo, UBS, and Citizens Financial, SigFig’s wealth management tool is available to over 70 million consumers. Prior to SigFig, Bill was Head of Information Security at The New York Times, Vice-President of Infrastructure Engineering at AllianceBernstein, and Senior Infrastructure Engineer Team Lead at JP Morgan.
We are also very fortunate to have Stephen Ward, Managing Director at Insight Partners, as part of our board of directors.
At Insight Partners, Stephen focuses on investments in cybersecurity. Prior to joining Insight, Stephen was CISO at The Home Depot, where he provided progressive direction over cybersecurity and technology risk. He is also a Board Member at Mimecast and served on the board of Cloudknox, which was recently sold to Microsoft. His innovative approach has led to malware-related patented technology and he has received award recognition from his industry peers in cybersecurity. Stephen has over 20 years of experience in cybersecurity, physical security, fraud and technology risk acquired throughout his career in both the public sector (U.S. Secret Service) and the private sector (JPMorgan Chase and TIAA).
It’s a real honor and privilege to be working with these cybersecurity luminaries and to have them advise Torq as we further deliver on our incredible potential to customers, partners, and investors. We’re looking forward to further collaboration with them all in the years ahead as we take Torq to even greater heights of success.
We’re extremely happy to announce that Torq has joined the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
The CSA has more than 80,000 members worldwide and has been endorsed by the American Presidential Administration, which selected the CSA Summit as the venue for announcing the federal government’s cloud computing strategy. It also collaborates with global policy makers to support and evolve key cloud security initiatives, such as the National Institute of Standards and Technology (NIST) and the European Commission.
Torq is proud to collaborate with the CSA going forward, and work with its large-scale community of industry practitioners, associations, governments, and corporate and individual members as it evolves the no-code security automation space, and introduces critical innovations in the coming months and years. Torq will also benefit from the CSA’s cloud security-specific research, education, training, certification, and events.
We are proud to be part of the CSA’s mission to create and maintain a global, trusted cloud ecosystem with positive, forward-looking outcomes for its members, customers, and the world at large alike.
With visibility and transparency top of mind, we display the CSA logo in our Trust Center alongside our other key compliance certifications, which include ISO 27001 and SOC 2.
Jason Chan on Harnessing Security Automation to Manage Cyberthreat Complexity
By Torq
October 19, 2022
2 Minute Read
Torq is extremely proud to have Jason Chan on our advisory board. Jason has more than 20 years of experience working in cybersecurity. He’s one of the world’s leading experts in adopting security automation, cloud security, and enhancing security in modern software development practices.
Jason’s most recent career experience was leading the information security organization at Netflix for more than a decade. His Netflix team set the bar extraordinarily high, focusing on cutting edge risk assessment and management, and compliance management strategies and approaches.
I had the privilege of being able to have a discussion with Jason, exploring the positive impacts security automation is having on organizations of all sizes, worldwide. In the first part of our conversation, “Harnessing Security Automation to Manage the Complexity of Today’s Threat Landscape,” Jason discusses the fact that while cyberthreats are increasing exponentially, it’s becoming increasingly difficult to hire people to address this escalation. As Jason puts it, “The question is how do we get the most out of the resources we have and prioritize the issues we need to address most critically?”
Watch the first part of our conversation in video below and learn all about Jason’s perspective on how security automation addresses these challenges by maximizing the impact of the security systems, processes, and people organizations already have in place, and breaking down security silos:
Take Action Today Learn how to get started with security automation by reaching out to the professionals at Torq. You’ll learn more about the Torq platform and how we’ve helped myriad organizations achieve and exceed their security goals.
Everyone loves automation, and it can be easy to assume that the more you automate, the better. Indeed, falling short of achieving fully autonomous processes can feel like a defeat. If you don’t automate completely, you’re the one falling behind, right?
Well, not exactly. Although automation is, in general, a good thing, there is such a thing as too much automation. And blindly striving to automate everything under the sun is not necessarily the best strategy.
Instead, you should be strategic about what you do and don’t automate. Even if you have the tools and resources to automate certain parts of a process, you may not actually want to automate them.
The Benefits of Automation
To understand the argument for being selective about the processes you automate, let’s go over the key benefits that teams are usually trying to achieve when they automate something. Typically, those benefits include:
Faster results.
Less time spent by engineers on manual processes.
Greater consistency and a lower rate of errors.
Repeatability.
We could go on, but these bullet points summarize the main goals of most automation projects.
When to Automate and When Not to Automate
Now, if you think critically about how best to pursue the goals we’ve just described, you’ll realize that fully autonomous processes aren’t always the best ways to achieve the goals. Let’s go through each one carefully.
Faster Results
Automation can speed up processes by allowing operations to proceed without waiting on humans to sign off.
The caveat, however, is that if your automation tools run into a situation where they can’t make a decision about how to achieve something – which happens when a variable is introduced that your automation workflow didn’t anticipate – you can end up with more of a delay than you would face if you had a human in the loop to oversee things. You’ll probably get results much more slowly from a fully autonomous process that goes awry than you will from a process where you have a human in the loop to react to unexpected conditions.
Less Engineer Time
By a similar token, the total time that engineers have to invest in operations work may be lower if not all of your processes are completely automated.
The reason why is that if something goes wrong within a fully autonomous process, the response is likely to be highly distracting and time-consuming for your team. But, if you had a human in the loop to begin with, you’d face a lower risk of a disruption that would require an extensive manual response.
Greater Consistency
Automation is a good way to keep processes consistent — so long as those processes are 100 percent predictable and reliable.
But, when there are variables, or when you are dealing with a process where each use case is unique, automation won’t always breed consistency — at least, not the kind of consistency you want. It would be better to keep a human in the loop so that the human could react as needed to special circumstances.
Repeatability
It may be easier to reuse automation tooling, too, when you keep humans plugged into your automated processes.
The reason why is that — once again — each process may be unique, and so you can’t simply lift and shift the automations you’ve created for one process and apply them to a different one. But, if you leave some responsibility to humans, it becomes easier to keep your workflow adaptable enough so that you can use the same automations repeatedly, leaving it to the human to interpret the unique variables within each process and adapt the automations as required.
Using Partial Automation
To illustrate the points above, let’s consider a common process that might seem like a candidate for total automation, but actually is not.
The process is Just In Time (JIT) permissions granting. The goal of JIT permissions is to grant access rights when a user needs them, and revoke them when they are no longer necessary. Having humans configure these permissions each time in a totally manual way is not scalable, so you may think that you would want to automate the process as fully as possible.
But, in reality, it would make more sense to automate only part of your JIT permissions operations. You could automatically collect account and user information, for example, and use these to generate updated access control policies automatically.
But if you actually apply the policies automatically, you run the risk of something unexpected happening with highly negative security consequences. Maybe a user is requesting a JIT permissions update to access a system that was recently moved from testing to production, and that therefore has stricter access requirements. But your automation tooling isn’t aware of that change, so it will grant the permissions without considering the unique circumstances of the request in question.
If you require a human to sign off on the permissions change, however, there is a higher chance that the oversight will be caught. Manual sign-off could delay the process slightly, but the delay should not be significant if the rest of the process is well-automated.
Conclusion: The Limits of Automation
To be clear, we’re not saying automation is a bad thing, by any means.
What we are saying is that there are points within processes where full automation doesn’t always make sense. Although it may seem counterintuitive, there’s value in requiring human participation, even if making processes fully autonomous is a possibility.
How Wiz and Torq Combine to Mitigate Existential Cloud Security Threats
By Leonid Belkind
September 23, 2022
5 Minute Read
A single cloud securityincident can stop an enterprise in its tracks, sometimes resulting in irreparable damage to its operation, reputation, and customer loyalty. One key strategy for preventing such incidents is combining complementary cybersecurity tools to defeat threats at scale.
A coherent Cyber Security Incident Response Planning (CSIRP) approach requires enterprises to select and integrate the right tools before a security incident occurs. Torq’s next-generation orchestration and automation capabilities combined with Wiz Cloud Detection & Response empowers forward-thinking security teams to analyze cloud events and alerts from services like Amazon GuardDuty alongside the rich context provided by the Wiz Security Graph.
“The combination of Torq’s no-code security automation approach that delivers immediately actionable response and Wiz’s comprehensive contextual and accurate malicious activity identification means we can focus on high-level threats without being overwhelmed by cloud alerts. Torq and Wiz work seamlessly together to give us a major real-time advantage in mitigating the ever-evolving cloud-based threat landscape.” CISO of a major gaming company
Customers are already seeing that combining Torq and Wiz means the whole is far greater than the sum of the parts.
Achieve a Coherent CSIRP with Wiz and Torq
In its Computer Security Incident Handling Guide (Special Publication 800-61), NIST advises organizations to strengthen their capabilities in four broad areas:
Preparation
Detection and Analysis
Containment / Eradication / Recovery
Post-Incident Lessons Learned and Documentation
To better understand these areas, let’s apply them to a hypothetical brute-force attack.
Preparation
To be prepared for a brute force attack, you should:
1. Set up the infrastructure to identify potential attacks
Amazon GuardDuty can continuously monitor network and endpoint activity in production cloud environments to detect brute force attacks (amongst many others). Furthermore,Amazon CloudWatch Events or Amazon EventBridge should be configured to monitor events on new or updated GuardDuty findings. These events will later be consumed by an automation and orchestration system to enrich, analyze, and remediate the issues.
2. Analyze the assets’ context
Understanding the topology of your cloud environment, maintaining up-to-date connection states, and knowing which assets have access to sensitive data are critical to prioritizing response efforts to an attempted brute force attack. The Wiz Security Graph discovers and correlates these signals, providing incident responders with important context. For example, Wiz will alert on an SSH brute force attack when attempted on a publicly exposed asset that allows password authentication and has high permissions to the organization’s cloud environment.
3. Orchestrate analysis and resolution
Notifications of new potential threats must be handled and interpreted consistently and programmatically (i.e. with minor involvement of human analysts) in order to operate at scale. Torq allows enterprises to automate data and response flows generated by the Wiz Security Graph, making it possible to route remediations either directly to DevOps or after a quick triage process of the security team. The owners of the at-risk assets receive all the relevant contextual information around the alert to quickly resolve the issue and shorten the MTTR significantly. Torq’s no-code automation platform lets you build these workflows from scratch, leverage hundreds of security process templates, and adjust them to the needs of every environment.
Here’s how Torq combines with Wiz to create autonomous responses to security events:
The detection stage begins with Wiz delivering an alert based on an Amazon GuardDuty event together with the context of the cloud environment. The alert immediately drives the execution of an automated response workflow in Torq.
Analysis
In the analysis stage, contextual data about external exposure to the asset is retrieved from Wiz Cloud Security Graph as part of the alert. If there was internal exposure, further analysis would be conducted to understand the possible connections between the attacked asset and the crown jewels that might be exposed to it.
Containment
In the containment stage, particular sources of the attack can be blocked by modifying the Security Groups and Access Control Lists, as well as by prompting an additional wider response to the potential threat. Further eradication of an issue can be achieved by orchestrating changes in the configuration of the cloud assets to improve their security posture and by enforcing multi-factor authentication and strong passwords.
Torq enables enterprises to respond by both triggering containment flows and alerting the relevant teams in the organization on the event, preventing them from wasting crucial time.
Post-Incident
The incident audit trail is created to chroniclelessons learned to better mitigate related threats in the future. Security teams can use the audit trail together with the visibility they get from the Wiz Security Graph to identify potential weak points and work to mitigate them in advance
Learn more
To learn more,see how you can reduce alert fatigue and focus on the most critical security gaps withWiz andGet Started withTorq’s no-code security automation platform to handle these and similar threats at scale.
Torq Delivers on the Promise of Parallel Execution
By Torq
September 15, 2022
6 Minute Read
Torq Delivers on the Promise of Parallel Execution
Security operations professionals are constantly being pushed to the edge of their capacities. They’re dealing with endless manual processes and managing tasks sequentially, because of the limitations of their security tools and options. They’ve dreamed of being able to execute more tasks simultaneously to quickly enrich, analyze, contain, and resolve security threats.
Today, Torq is proud to introduce Parallel Execution, which makes those capabilities a reality. Parallel Execution is a significant evolution for no-codesecurity automation that enables you to instantly create multiple branches within an automatic workflow, and handle each concurrently before seamlessly merging back into a single flow.
While some SOAR platforms claim to support parallel processing, these solutions require massive engineering efforts to deploy. Some low-code platforms try to simulate parallel processing functionality by creating workarounds, but are in actuality asynchronous processing with deduplication managed by code. In the end, these attempts are not scalable, meaning they cannot effectively improve MTTA, MTTR, or the overall efficiency of your security operations.
Torq is delivering on the promise of true no-code parallel computing, to provide easier workflow design, adaptable iterating, and more powerful execution, which security teams have long been asking for. Now, teams can focus on actual security responses without sacrificing precious time and resources to develop the workflows that deliver them.
Here’s how Torq’s new Parallel Execution capability works:
Run Steps in Parallel
Parallel Execution allows users to drop in a simple step to branch workflows “horizontally,” execute each branch in parallel, then instantly merge the output back into a single workflow. Before, if a user wanted to accomplish this process in an older SOAR platform, it would require hours of engineering digging into code or defining the minutiae of complex deduplications for each case.
This functionality can exponentially speed up tasks like threat intelligenceenrichment, enabling users to check multiple sources at once. Instead of waiting for one check before moving to the next, each source is checked simultaneously, reducing total execution time from the cumulative total down to whichever the ‘slowest’ source is.
Parallel Execution can also distribute work more efficiently. For example, when an incident response requires input before proceeding, but the input can be from anyone within a finite list. Instead of pinging the analyst on-call, waiting for response or time out, then moving on to the resource owner, a message can be sent to the complete list of possible responders.
The operator can also support so-called “long queries” in which large datasets need to be queried, but the outcomes are not codependent. A workflow can simultaneously query a data lake, cloud graph, and SIEM, again reducing total execution time to whichever query is the slowest, instead of the cumulative time for each source.
These are just a few examples of use cases where running steps in parallel can be helpful. The functionality is incredibly flexible, and because it is so easy to include in a workflow, customers will have many opportunities to explore which environments and processes it can be used to improve efficiency.
A New Era for Security Automation
We are thrilled to provide the industry’s first true example of no-code parallel processing. But we are even more proud of where this can take teams once they adopt Torq.
Until now, security automation tools have been, at best, asynchronous, meaning they’re rigid and poorly suited for handling urgent escalations and different service level requirements. Security teams need more nimble and responsive tools that allow them to operate in realistic conditions, which sometimes involve as many as 1,000 simultaneous events. These first-generation SOAR and low-code tools also require significant additional effort to deduplicate outputs.
With earlier solutions, if an organization wanted to automate a security process, it would need to map out every step along the way, name or create roles for those responsible, build operational structures to enforce those steps and roles, document each potential permutation, develop or purchase the many needed connectors for the systems involved, script and code the minutiae of data manipulation, and then finally cross their fingers that the correct action comes out the other side.
One of the unspoken laws in this chain is that Step X must always come before Step Y, and both must return a value before moving on to Step Z, regardless of whether that is how the real world operates.
Torq not only releases organizations from the restrictions of linear processes, but does so in a way that is so simple it is usable for even the most mundane of routine security processes.
No longer are security teams required to toil away at menial tasks, saving automation for only the most daunting response workflows. Using simple drag-and-drop functionality, anyone can put Torq to work using pre-coded steps, templatized workflows, and unfettered integrations.
Because Torq automations can be developed and edited at-will, teams are free to experiment with new processes, and free to design workflows that match their real operations, rather than molding their processes to their tools.
Users have all of the modern functionality available to their developer and DevOps peers, like publishing and version controls, contextual documentation, and collaborative editing. Operating with a git-style or even a true GitOps development experience helps teams better understand and manage a workflow across its lifecycle, and better aligns them with DevSecOps methodologies.
Begin Executing in Parallel, Today
The Parallel Execution capability, as well as the workflow templates that use it, are available to Torq users, today. You can find them in the workflow designer and template libraries, respectively, or your customer success manager would be glad to walk through them with you.
Parallel Execution Demo Templates
We’ve prepared a few workflow templates that already utilize and demonstrate the power of this new functionality. Torq users can begin deploying these right away.
Retrieve and Normalize data on a hash Lookup threat intelligence data from a number of sources, aggregate the findings, and then normalize a score for the provided file hash.
Future Torq users can request a live demonstration and set up a demo account to test these new features themselves through our get started page.
Why Torq’s Momentum Mirrors the Exponential Adoption of No-Code Security Automation
By Torq
August 22, 2022
3 Minute Read
In just three quarters since Torq was officially launched, our visionary team has delivered a 385% increase in customers, resulting in 360% quarter-over-quarter growth. We’ve also boosted our headcount by 150% and now have more than 100 technology integration partners, including Armis, Orca, SentinelOne, and Wiz. In addition, we recently opened new offices in the UK, Spain, and Taiwan
Our no-code security automation innovations are paying dramatic dividends for our ever-increasing customer base. We serve organizations of all sizes as they face incredibly challenging, complex, and dramatically-escalating cyberthreats. We’re mitigating those threats at every conceivable incursion point, and emancipating overworked security teams from manual, reactive processes, so they can focus on remediation and response.
I take Torq’s dedication to providing our customers the highest level of protection very personally. I began my career as a technologist and software engineer, then shifted into the world of cybersecurity, and then became an entrepreneur when I co-founded Luminate in 2017 and Torq in 2021. I was inspired by seeing how many earlier industries were revolutionized by automation.
Back when I began my career as a software engineer, all my software testing was done manually. We had QA engineers repeating the same testing procedures over and over on each and every build of my product to verify it worked correctly. That era is long gone. Today’s modern software development processes benefit from automated QA on multiple levels. Manual testing is exclusively the domain of the most complex and creative tasks, if it’s done at all.
The Security Operations world is now increasingly harnessing the value of automation. Previously, the industry was based on simply delivering “alerts” about potential malicious activity and “reports” on vulnerabilities or misconfigurations, all of which had to be reviewed and dealt with manually. Virtually everyone understands this model is archaic and creates more problems than it solves.
Both of Torq’s production environments, which include running in the cloud, and our often SaaS-based business line applications, are rapidly evolving. It’s simply not scalable to conduct manual security operations across these complex scenarios. It’s why organizations of all types and sizes are harnessing the potential of automation to ensure continuous compliance and the strongest security posture possible.
This change is akin to an industrial revolution for cybersecurity and it’s why Torq is experiencing such significant adoption. We’re working with organizations from Fortune 10 goliaths to high-velocity startups and solving major cybersecurity challenges for all of them. They’re all dealing with similar issues as they strive to protect myriad assets from the tens or hundreds of thousands of security events they face daily. Without automation, there simply isn’t a way to effectively mitigate the situation.
I couldn’t be more pleased to see the positive benefits our customers are experiencing. And I couldn’t be more proud of the Torq team that’s so dedicated to pushing the technological envelope. They’re constantly delivering new innovations to make the customer experience as simple, yet powerful and comprehensive as it can be.
We’ve only just begun the Torq journey. I can’t wait to show you everything that’s coming up in the near- and long-term. Our customers and employees represent a true community. It’s our pleasure and privilege to play such an important role in protecting today’s digital-first organizations.
Torq Announces 385% Customer Growth and 360% Revenue Increase
By Torq
August 22, 2022
4 Minute Read
Torq Also Announces Visionary Additions to Executive Team, 150% Headcount Growth, New EMEA and APAC Offices, and Expanded Partner Ecosystem.
PORTLAND, Ore.—Torq, the leader in no-code security automation, today announced 385% customer growth, a 360% revenue increase, and 150% headcount expansion across the last three quarters. The company has also appointed visionary new executive leaders with the addition of CFO Yaron Bartov, and Head of Security Aner Izraeli, as well as opened new offices in the UK, Spain, and Taiwan. In addition, Torq now has more than 100 technology integration partners, including Armis, Orca, SentinelOne, and Wiz.
Torq’s expansion underlines the rapidly-growing adoption of its platform that enables security teams from Fortune 100 companies to startups to create automated security workflows and streamline processes to respond to threats faster, and deliver best-in-breed cybersecurity defenses across their organizations.
“Torq’s dramatic growth trajectory is evidence of the significant market fit for our no-code security automation platform that empowers security teams of all sizes to implement and deploy the most robust cyberdefense postures at scale,” said Ofer Smadari, co-founder and CEO of Torq. “Torq’s easy no-code automation is enabling digital-first enterprises to overcome the cybersecurity challenges they face when shifting to the cloud by blocking the exponentially-increasing volume of threat incidents. Torq also relieves overworked security teams from dealing with time-consuming, manual, reactive processes, and false positives, so they can focus on high-value remediation and response.”
Torq’s latest additions to its executive team possess comprehensive cybersecurity experience from prestigious companies, further strengthening its ability to deliver the most positive customer and employee outcomes possible. New Torq CFO Yaron Bartov was previously the CFO for GuardiCore, and Vice-President of Finance and Operations at Wix.com. Aner Izraeli, Torq’s new Head of Security, previously served as Information Security Manager for Intezer, and helmed SIEM/SOC incident response at Outbrain.
Rapidly-Growing Customer Success and Traction
Customers that have deployed Torq have quickly ramped up their active workflows by 3.5X, which showcases the increasing usage and traction for its platform. Every customer is now ingesting and processing hundreds of thousands of daily cybersecurity events, using Torq to both shield them from impact, and ensure strict compliance with standards such as NIST and MITRE.
“Torq’s unique no-code security automation approach has fundamentally transformed and accelerated our security team’s ability to rapidly identify and remediate cybersecurity threats,” said Yaron Slutzky, Chief Security Officer of Agoda. “With Torq, Agoda has significantly advanced its cloud security posture, and brought a new level of rigor to security operations. Torq’s pre-built workflows enable us to easily deploy cybersecurity defenses at scale throughout our organization, mapping to countless different use cases, and protecting us across multiple conceivable incursion points.”
Expanding Partner Ecosystem
Torq’s no-code security automation platform is also driving extraordinary partner traction, with more than 100 technology partners now a part of its ever-expanding community. Torq technology partners play a critical role in driving adoption, integration, and visibility for Torq’s evolving offerings.
“Together, Torq and its partners help customers make the most of their cybersecurity investments by automating processes throughout the entire security stack and delivering best practice workflows for security operations across dozens of partner platforms,” said Eldad Livni, co-founder and Chief Innovation Officer of Torq. “We’re constantly developing and unveiling new security automation innovations at a rapid pace with complete partner integration to deliver unparalleled protection.”
“Through our partnership with Torq, we recently announced Armis Enterprise Workflow Automation (EWA), a new module for security automation and threat response workflows,” said Peter Doggart, Chief Strategy Officer of Armis. “Security teams now have a seamless and rapid experience to build event-triggered workflows, no matter how simple or complex the process, and no matter how many tools are involved.”
Last June, Torq also established the Torq Automation Alliance, a first-of-its-kind channel partner program. The alliance is designed to maximize the benefits partners deliver to customers by providing streamlined access to Torq’s platform, enablement, and marketing materials. Torq Automation Alliance members can also leverage Torq’s knowledge base and template library to address virtually any security process.
To learn more and get started with Torq, visit Torq.io.
About Torq Torq is a no-code automation platform for security teams. Torq allows any security professional to connect to any system, anywhere, and easily create automated workflows that streamline security processes. Fortune 100 enterprises and cutting edge startups alike trust Torq to help them maximize their cybersecurity investments, respond to threats faster, and deliver protection at the speed of business.
Media Contact: MikeWorldWide (MWW) for Torq Krista Couch [email protected]
Why Templates Deliver Critical Best Practice Workflows For Maximizing Enterprise Security
By Torq
August 10, 2022
3 Minute Read
It’s difficult for even the most advanced security teams to stay on top of evolving incursions and ensure their processes effectively map to prevent them. That’s where pre-built templates come into the conversation. No-code, security automation templates can handle the considerable burden of having to maintain and update processes that integrate with a company’s security stack.
Having the right systems, tools, and people in place are essential for effective cybersecurity postures. But while templates may sound unsexy, they’re the critical connective tissue that helps enable all three to significantly mitigate the hundreds of thousands of daily cyberthreats the typical enterprise encounters. They also ensure modern compliance requirements are proactively and accurately addressed.
Comprehensive Templates for Comprehensive Security
Torq now offers hundreds of security workflow automation templates aligned to MITRE, NIST, and Defense-in-Depth standards. Security teams of all sizes can easily use these templates to rapidly boost incident response speed. They all deliver impressive time to value and ease of use for security teams of all sizes.
Available at no extra cost to Torq customers, these templates are entirely ready to deploy, with minimal configuration. They’re specifically designed to enable security teams of all levels to instantly deploy workflows across their infrastructure and third-party app ecosystem to identify and block cyberthreats before they have a chance to make a significant impact.
Torq templates can be deployed with a single click across thousands of security integrations and vendors. Torq developed its templates in conjunction with its 100+ ecosystem partners, including Orca, Wiz, Armis, and SentinelOne, to ensure customers can build out and standardize their security processes at cloud scale. They enable large security teams to focus on bigger-picture security management. And they dramatically reduce the workload for smaller teams overwhelmed by parsing endless security alerts, rather than focusing on critical threats.
How Torq Templates Mitigate Critical Security Events
Third-Party Identity Lifecycle Management—Workflows can vet all external network access, ensuring contractors and partners are approved, current, and can only engage with systems and data they are authorized for. Torq templates cross-check identity against IdM and SSO systems such as Okta. If a potential incursion is identified, Torq automatically shuts down the account, and alerts the security team to take further action.
Contextual Threat Hunting—Integrates with services like SentinelOne endpoint security to harness its alerts, and automatically enrich its findings. Torq’s template infuses reports with additional critical data from threat intelligence services such as VirusTotal, to detect suspicious files, domains, IPs, and URLs, as well as to identify potential malware and other breaches. The enriched data delivers a comprehensive contextual view into the alert for security teams to rapidly understand and mitigate the situation, as well as prevent further related attacks.
Cloud Security Monitoring and Remediation—Ensures storage classes like AWS S3 are protected with advanced encryption, or are appropriately publicly accessible, according to company policies. If a service such as Wiz or Orca detect that a storage class is improperly classified, Torq automatically collects the relevant data, and sends a critical alert to a security analyst to rapidly remediate the issue.
Get Access to Torq Templates Now
Already a Torq customer? You can find our comprehensive Template Library here, or by clicking ‘templates’ on the left-hand menu in the app, just below your existing workflows.
