AI News

Torq’s AI-Native Autonomous SOC Wins Check Point’s CPX 2025 Innovation Sandbox Competition

By Torq
February 27, 2025
4 Minute Read
Torq took home the top prize at Checkpoint’s CPX 2025 Innovation Sandbox competition. Get highlights from the winning pitch.

Contents

Torq took home the top prize at Check Point’s 2025 Innovation Sandbox Competition during their annual CPX conference in Las Vegas. Chris Coburn, Torq’s Sr. Director of Tech Alliances, faced off against 13 other companies to pitch Torq’s AI-native autonomous SOC to a panel of judges and voting audience.

As the Sandbox Innovation winner, Chris earned the opportunity to deliver a main-stage keynote to thousands of security professionals and leaders, sharing how Torq’s game-changing agentic AI and Hyperautomation capabilities are saving SOC analysts from burn out while strengthening overall security posture.

“We are witnessing a new era in cybersecurity, and we are thrilled with the innovation throughout the ecosystem. It’s clear that AI and machine learning will play a critical role in shaping the future,” said Brian Linder, Head of Cyber Evangelists in the Office of the CTO at Check Point. “We congratulate Torq on winning first place in the competitive Innovation Sandbox at CPX 2025 Americas and look forward to following their journey as they continue to innovate as an emerging player in cybersecurity.”

The Pitch: AI or Die — Saving the SOC with Agentic AI and Hyperautomation

“It’s time to adopt AI  or die. Everybody’s saying it — AI’s here now and it’s going to be a massive part of cybersecurity going forward. Torq is using AI to help solve everything that is killing our SOC teams every day.” 

Chris Coburn, Sr. Director of Tech Alliances, Torq

SOCs are in crisis. Security teams are getting buried by alerts and they spend way too much of their time trying to make different tools communicate with each other and trying to get different data formats to make sense with each other. Even when analysts find a true positive alert, the investigation, communication, and remediation steps can be disjointed and painful. This overwhelm causes alerts to be missed, leaving organizations vulnerable to attacks and breaches.

To combat these SOC killers, Torq is offloading all of the mundane, highly repetitive tasks to Hyperautomation and AI — turning down the volume so human analysts can focus in on critical threats, with enriched insights to accelerate their decision-making. 

Torq’s AI-native autonomous SOC is made up of three components:

  1. A foundation of enterprise security-grade architecture built completely on zero trust, cloud-native, extensible software. 
  2. A Hyperautomation engine which makes building automations as easy and powerful as possible, integrated across your entire security stack.
  3. AI agents that act as accelerators for SOC operations. These include an AI Workflow Builder that rapidly generates custom automation workflows using natural language prompts, AI Case Summaries that deliver concise, structured summaries so your team can get up to speed faster, and Socrates, Torq’s agentic AI SOC Analyst that can autonomously triage, investigate, and remediate 95% of Tier-1 cases. 

AI-driven Hyperautomation changes the picture for SOCs today. With Torq, 95% of Tier-1 incidents can be autoremediated, allowing human security analysts to focus on the strategic and engaging work that they actually care about. 

This is the promise of the autonomous SOC — and Torq is making it happen.

Explore Torq's winning autonomous SOC pitch for Check Point CPX 2025's Sandbox Innovation competition.

Want more where this came from? Get the AI or Die Manifesto > 

Check Point Speeds Up Their SOC with Torq HyperSOC™ 

“With Torq HyperSOC, we can react automatically to problems before they become security incidents.” 

Jonathan Fischbein, CISO at Check Point

Check Point was facing a challenge that many security teams can relate to: too many alerts and too few analysts. When Check Point’s CISO Jonathan Fischbein went on the hunt for a security automation solution, feedback from fellow CISOs and CIOs led him to bypass legacy SOAR products in favor of Torq’s HyperSOC solution.

Key ‘wow factors’ for Check Point included:

  • Easy-to-use UI centered around the SOC analyst experience to make their jobs easier
  • Days-fast deployment of dozens of AI-driven playbooks, automating responses to some of the organization’s most repetitive security alerts
  • Integrations that “fit like a glove” with Check Point’s existing security stack 

Today, Torq’s AI-driven HyperSOC investigates, triages and remediates many of Check Point’s internal security alerts without any human intervention. If an alert meets certain parameters based on security policies, the platform autonomously takes action, such as initiating an MFA challenge or locking out a suspicious user. High-priority incidents are routed for human intervention, with intelligent case insights and recommendations that help analysts make better decisions, faster.

The end result? Dramatic efficiency gains and reduced alert fatigue.

Read Check Point’s Story
Share

Related Articles

AI

The Dawn of Agentic AI in the SOC

By Torq
February 25, 2025
7 Minute Read
What is agentic AI in the SOC? Get an overview of agentic AI for cybersecurity, how it can benefit security operations, and strategic considerations.

Contents

Now that six in ten security leaders view AI as a “game changer” across all security functions and 85% of security professionals report increased AI investment and usage in the past year, it’s clear that AI is no longer a fringe technology in security operations.

But the AI conversation has evolved recently as a new buzzword has taken over: agentic AI. Underlying the hype are real advancements that have the potential to transform security operations by adding autonomous, goal-oriented decision making to AI-powered SOCs. Gartner even named agentic AI one of the Top Strategic Technology Trends for 2025.  

Agentic AI is especially promising for security operations as a way to tackle persistent challenges such as alert fatigue, analyst burnout, and an ongoing talent shortage. Additionally, as increasingly automated attacks intensify the stakes for SOC teams, agentic AI will be a pivotal technology to counteract evolving threats through improved proactiveness and scalability. 

What is Agentic AI in the SOC? 

Agentic AI refers to artificial intelligence systems that operate with enhanced autonomy to execute tasks and make decisions. Agentic AI can pursue complex goals and execute workflow tasks with limited direct human supervision. It uses sophisticated reasoning and iterative planning to solve complex, multi-step problems on its own, adapting to real-time data and learning from its environment.

Agentic AI can transform SOCs through the ability to independently triage, investigate and remediate threats —  accelerating incident response and enhancing overall security posture. 

When combined with Hyperautomation, agentic AI can help achieve the autonomous SOC, in which AI handles the vast majority of Tier-1 and Tier-2 alerts, freeing up human analysts to focus on complex, high-priority incidents and strategic projects (aka the rewarding, engaging, and impactful work that analysts actually want to spend their days doing, rather than wading through false positives and writing reports).

2 Key Use Cases for Agentic AI in the SOC 

1. Agentic AI in Phishing Response

Phishing continues to plague SOCs as one of the most common attack vectors for data breaches and ransomware. Agentic AI can elevate phishing response capabilities by streamlining triage, investigation, and containment once detections are flagged by external systems. 

Through seamless integrations with email security, identity management, threat intelligence, EDR, CMDB, and SIEM solutions, Torq’s Agentic AI can autonomously:

  • Examine recipients, email content, links, attachments, IOC reputations, and related case and threat information to determine scope and impact, identifying users who received, opened, or interacted with an email. 
  • Execute environment-wide sweeps for malicious payloads and correlate data to reveal compromised accounts or systems.
  • Initiate containment steps such as quarantining emails, resetting credentials, terminating sessions with enforced MFA, and blocking malicious domains or IPs.  

2. Agentic AI in EDR Response

Experts predict that 20% of new malware strains will be AI-assisted by 2025. Agentic AI can bolster malware detection and response by orchestrating rapid analysis, scoping, containment, and eradication once suspicious activity is flagged by external platforms. 

Torq’s Agentic AI integrates with EDR, CMDB, SIEM, and threat intelligence tools to autonomously:

  • Analyze file behavior (including hashes, signatures, and sandbox results), monitor endpoint resource usage, and detect suspicious persistence mechanisms or privilege escalations.
  • Correlate anomalies across multiple endpoints to identify the scope of compromise, pinpointing infected hosts, associated IOCs, and potentially affected privileged accounts.
  • Swiftly isolate infected endpoints, disable compromised accounts, and kill malicious processes. Malicious file hashes and IP addresses are then added to deny lists for continuous monitoring. Eradication actions can include removing malicious files, cleaning up affected systems, or re-imaging endpoints, ensuring a thorough remediation. 

Torq’s Multi-Agent System: Agentic AI in Action 

When you peel them back, many “AI SOC Agents” on the market are simply ChatGPT-style natural language chatbots. They may be capable of running steps and workflows but lack deep integrations and autonomous capabilities. 

In contrast, Torq’s Multi-Agent System is deeply integrated across the full security stack and able to take complex action and tackle multi-step tasks. At the helm is Socrates, Torq’s agentic AI SOC Analyst which can conduct fully autonomous case investigation, enrichment, and remediation from start to finish, as well as generating contextual recommendations. Alongside Socrates, Torq’s other AI agents provide AI-generated workflows, code, data transformations, case summaries, and more — helping SOC teams get more done, faster.

The Agentic AI ‘Wow Factor’ for Security Operations

“I believe the successful use of agentic AI in SOC operations shows up in practical outcomes. With Torq Agentic AI, the answer is ‘yes’ to questions such as: Are analysts happier? Are they sticking around? Do they have time to focus on more interesting and complex investigations? Are MTTM and MTTR lower? Torq Agentic AI extends and enhances our team so it can make better decisions more quickly — resulting in stronger security all around.”

Mick Leach, Field CISO, Abnormal Security

  • Boosting analyst engagement and retention: Rather than replacing human analysts, agentic AI can actually help make their day-to-day work in the SOC more rewarding and engaging by eliminating many of the “SOC analyst killers” that bog them down, such as alert fatigue, summarizing cases, and writing reports. This is crucial in a cybersecurity field that continues to deal with an ongoing talent shortage.
  • Augmenting human expertise: For complex and high stakes cases that require human intervention, analysts can collaborate with agentic AI to make faster and better-informed decisions. This is thanks to agentic AI’s ability to correlate information from multiple tools, signals, and third-party threat intelligence to contextually enrich cases and provide deeper insights.
  • Improving security posture: Through its ability to identify patterns and anomalies that may indicate malicious activity, agentic AI improves threat detection and response, enabling SOCs to proactively mitigate threats. Automated incident response and alert triage can reduce mean time to detect (MTTD), mean time to respond (MTTR), and mean time to containment (MTTC), minimizing the impact of security incidents.
  • Enhancing operational efficiency and scalability: By handling Tier-1 and Tier-2 alerts and automating routine tasks, agentic AI frees up human analysts to focus on more strategic initiatives, such as threat hunting and vulnerability management. Agentic AI also enables SOCs to scale more efficiently, managing a higher workload without adding headcount.

Considerations for Building Trust in AI in the SOC

SOCs planning to deploy AI capabilities, including agentic AI, should take steps now to document and audit current processes, as it will be important to ensure that AI and automation is used to scale effective processes, rather than to compensate for ineffective ones. Security teams should also establish a method to quantify operational gains from an AI deployment. 

As with any new technology, AI in the SOC will require new skills and training for security teams, such as learning how to effectively collaborate with agentic AI. Any agentic AI solution deployed should be able to raise a flag when it is missing information or requires human validation. For example, if the AI’s threat analysis leads it to recommend quarantining a laptop but the user’s title is “CEO”, the system should have the intelligence and boundaries to flag that the decision is “above its pay grade” and then escalate the decision for human review and approval.

To combat the risk of AI hallucinations and build trust in AI, the system must be able to transparently explain why it made the decisions it made and how it came to the conclusions it did. This requires the AI to bolster its insights and recommendations with citations to original, forensic evidence.

AI or Die: Get the Manifesto

While agentic AI is still a relatively nascent technology, its potential to revolutionize security operations is undeniable. But the crowded AI SOC market makes careful selection essential. 

Get the AI or Die Manifesto to learn red flags that separate AI-washed vaporware from truly impactful AI for the SOC, as well as strategic considerations for effective adoption.

Get the Manifesto
Share

Related Articles

AI Hyperautomation

Why Financial Institutions Need No Code Security Automation

By Torq
February 22, 2025
5 Minute Read
Financial no code workflow automation security platform for financial institutions

Contents

For financial institutions, the pressure to outpace fraudsters, stay ahead of regulators, and defend sprawling infrastructures is endless. Yet inside too many SOCs, it’s still the same story: manual processes, brittle legacy tools, and security workflows held together by spreadsheets and custom coding.

That’s changing fast.

Modern financial institutions are turning to no code workflow automation to eliminate inefficiencies, reduce risk, and scale operations. They’re moving away from legacy SOAR platforms that require months of scripting just to get basic use cases up and running. With Torq, teams are deploying powerful, cross-functional automations in days.

From regional banks to asset giants like Blackstone, the shift is clear: No code isn’t just easier. It’s better. Faster. More secure. And it’s how the smartest financial orgs are staying ahead of the threats, and the competition.

Why Financial SOCs Are Turning to No Code Workflow Automation

Financial and bank SOCs face a perfect storm:

  • Rising attack volumes and sophistication
  • Burdensome regulatory oversight 
  • Analyst shortages and burnout
  • Pressure to do more with less

What Financial SOCs Are Automating First

Most financial customers come to Torq after hitting a wall with legacy SOAR. They’re tired of vendor sprawl, compliance nightmares, and tools that require a full engineering and professional services team just to run. 

Finance orgs prioritize use cases that deliver fast wins in compliance-heavy, high-risk environments. The most common starting points are:

They choose Torq because it’s secure by design: zero-trust architecture, native SOC 2 compliance, and a platform built to scale. They stay because it just works.

Blackstone: From SOAR to 80+ No Code Automated Workflows

Legacy SOAR platforms require custom scripting and complex coding to implement basic use cases. This dependence on coding creates massive bottlenecks in financial organizations that juggle dozens of tools and deal with an evolving threat landscape. It slows everything down, requires specialized talent, and makes scaling automation nearly impossible.

That’s why financial leaders are ditching SOAR for no-code security automation solutions. With intuitive, drag-and-drop tools, analysts — not just engineers — can build powerful, scalable automations across fraud detection, IAM, phishing response, and more.

Blackstone, the world’s largest alternative asset manager, spent years keeping just a handful of workflows alive in their legacy SOAR. After switching to Torq, they launched 30+ automations in six months. Today, they’ve scaled to over 80 workflows across incident response, fraud, threat hunting, and IAM.

What changed?

  • A no code workflow automation platform built for security teams that actually works
  • A scalable Hyperautomation solution that meets the rigor of financial controls
  • A true partnership — not just another vendor with a steep learning curve

How a Leading U.S. Bank Beat Zelle Fraud with No-Code Workflow Automation

Preventing fraud is a top challenge for financial institutions. As attacks become more sophisticated and digital-first payment methods become increasingly more common, the scale of financial fraud is escalating beyond the reach of legacy defenses. 

With the Torq platform’s no-code workflow automation, security teams can connect SIEMs, fraud detection systems, case management tools, and identity services with real-time, orchestrated workflows. Financial institutions can spot fraud faster, reduce false positives, and take immediate, coordinated action. 

Case in point: After a surge in Zelle fraud forced a top 30 U.S. bank to suspend Zelle services under SEC pressure, they turned to Torq. In just 90 days, they built over 100 automated workflows, including a no-code system that autonomously locks down compromised accounts.  

They were quickly able to reinstate Zelle services, and the fraud response time decreased from hours to seconds while automation expanded beyond the SOC into fraud, GRC, and IT. This is the power of no-code security workflow automation in action — fast, scalable, and built for high-stakes financial environments.

​​Why Torq Wins in High-Stakes Financial Environments

Financial institutions are highly regulated, highly targeted — and often highly siloed. That’s why they need automation that works, scales, and earns trust. Torq delivers:

  • No code architecture: Secure, scalable, built for both on-prem and cloud
  • Multi-tenant capabilities: Support for global SOC structures with centralized oversight
  • Fast, responsible AI: With Socrates and our multi-agent system, Torq lets humans direct strategy while AI handles Tier-1 remediation.
  • Audit-ready evidence: Every action is logged with full context and metadata.

Financial customers want to get it right the first time. With Torq, they can.

The Future of Financial SecOps Is Automated 

Banks, insurers, and fintechs are under pressure to modernize fast without compromising security or compliance. Legacy security automation and orchestration won’t cut it. No code workflow automation built for financial security teams is the only path forward.

Torq Hyperautomation gives you:

  • Faster outcomes
  • Fewer manual handoffs
  • Stronger compliance posture
  • Real ROI from day one

And we integrate with the tools you already use. Here’s just a few of our integrations:

  • IT: ServiceNow, JIRA
  • Cloud: Wiz, Microsoft 365, Azure/Entra, AWS
  • SIEM & Logs: Splunk, Elastic, Chronicle, Stellar Cyber, Microsoft Sentinel
  • Identity: Microsoft Entra, Okta, SailPoint
  • Endpoint & Threat Detection: CrowdStrike, Defender, SentinelOne, Tenable
  • Phishing: Proofpoint, Abnormal Security
  • Threat Intelligence: VirusTotal, Recorded Future, AlienVault
  • Third-Party Risk: SecurityScorecard

Whether you’re replacing SOAR, launching security automation for the first time, or scaling into new business units — Torq is the partner to get you there. 

Get a Demo

Share

Related Articles

Integrations Use Cases

Wiz Automations: How to Automate Cloud Security with Torq

By Torq
February 19, 2025
4 Minute Read
How to Automate Cloud Security with Torq and Wiz

Contents

The Top 3 Crucial Torq & Wiz Integrations

One of the superpowers of the Torq Hyperautomation platform is the ability to integrate with anything. We team up with leading security vendors to combine forces to create automations that make SOC analysts’ lives easier while also improving their organizations’ security posture.  

Integrating Torq and Wiz enables security teams to automate the remediation of cloud security issues, freeing up analysts’ time and giving them the ability to tend to the laundry list of low and medium issues that often go untouched. These low and medium issues still pose a threat, so creating an automation for them can help avoid a security incident. With Torq and Wiz, SecOps teams can create fully automated or human-in-the-loop remediation workflows for things like expired secrets, or unused privileged access keys. These automations are more powerful options than those available with legacy SOAR platforms.

In this post, we’ll talk about how the enterprise-grade Torq Hyperautomation platform integrates with Wiz to level up your organization’s cloud security. 

Here are the top three Torq and Wiz automations:

Handle Wiz Alerts For Public AWS S3 Bucket With Sensitive Data

Looking for a simpler way to deal with Wiz alerts for when public AWS S3 buckets contain sensitive data? You’re in luck.

This workflow receives an alert from Wiz when an AWS S3 bucket is found to be exposed to the public with sensitive personal data contained in it and it triggers on Wiz ID wc-id-1264.

When the trigger is received, the workflow will pull the bucket’s public access settings and tags and look for an owner tag. If an owner tag is not found, it will set notifications to a specific Slack channel.

From there, it checks the public settings on the S3 bucket to see if the issue was resolved before the alert from Wiz was triggered, and, if it is still publicly accessible, it will ask to limit access to the bucket. 

Once the user agrees, the bucket settings are updated and the Wiz alert is moved to in progress. If the user does not agree, or the question times out, a Jira issue is opened to track the issue and the issue ID will be added to the Wiz alert.

It’s important to note that this workflow will set the public block settings on the S3 bucket to “true” and block all public access. It is possible that your application will need a more granular update to the JSON policy to block the existing access; the existing policy will be provided in the Slack message

Enable AWS S3 Bucket Encryption On Alert From Wiz

This workflow is a simple and effective way to ensure that encryption is turned on for an AWS S3 bucket. 

First, the workflow receives an alert from Wiz and is triggered by an event with the control name “S3 bucket default encryption disabled.” If the owner tag is found, the owner will be contacted or notified in the Slack channel about the issue. 

This workflow then checks the encryption status on the bucket to see if encryption is still disabled and suggests remediation by enabling default AES256 encryption on the bucket. 

If the user or Slack channel rejects the notification, the workflow collects a reason and opens a follow up ticket and updates the notes on the Wiz issue. 

Remediate AWS EC2 Instance With Open SSH Access From Wiz Alert

This workflow receives an alert from Wiz and is triggered by an event with control name “Instances with open SSH to the world in AWS.”

If an owner tag is found, the user will be looked up in Slack, otherwise the Slack channel is updated. The user or channel is then asked to remediate the instance by shutting it down or removing the open SSH rule in the Security Group and by adding a specific network rule allowing SSH from a corporate owned network.

The user or channel will also have the option to open a Jira issue instead of doing the remediation. A Jira issue is opened for any issue with the process, and will be added to the issue notes in Wiz.

Those are just three of the myriad templates Torq offers with Wiz to improve cloud security. Stay tuned for more installments of our Hyperautomation Cheat Codes series where we’ll examine more integrations and automations with other key partners to help you level up your cybersecurity.

Ready to see Torq in action? Click here to get a demo.

Share

Related Articles

Product

JSON for Beginners: Building Blocks for Workflow Automation

By Torq
February 13, 2025
7 Minute Read
Learn JSON basics.

Contents

Automation workflows add a lot of value to an organization’s day-to-day operations. At a minimum, they streamline the execution of complex, multi-step processes, allowing people to focus on higher-value tasks. On top of that, automation workflows can provide valuable insights through the metrics that they gather – including the number of requests, the date and time they were requested, the time it took to complete each request, who made the request, and much more.

At first, automated workflows functioned much like a basic assembly line, where workers only know how to perform one step in the whole process. Now, modern automation solutions like Torq’s no-code platform are able to use the data passed into a certain step, together with the data generated in that step to make decisions about retries, failures, and next steps in the process.

In the beginning, these workflows functioned much like a basic assembly line, where workers only knew how to perform one step in the whole process. Now, modern automation solutions can use the data that’s being passed into a certain step, together with the data that’s generated in that step to make decisions about retries, failures, and where to send the request next.

This is especially important when it comes to security and auditing. While gathering more context to achieve a more complete record of what is happening, that context can also be used to decide what a requester can send or receive at each step. For example, while someone in the payroll department can access salary data that someone on the help desk cannot, both can see who the employee’s manager is.

JSON Basics: The Building Blocks for Workflow Automation

Since modern intelligent automation workflows are built around their data, that data needs to have a consistent format across all steps in the workflow. The format that Torq uses to contain that data is JavaScript Object Notation, better known as JSON.

Because JSON is a text-based, self-describing format, it is easy to work with and very flexible. Compared to older and more formally structured formats like XML (eXtensible Markup Language), it requires less overhead to process and less storage space to archive. It is also easier to extend on the fly without needing to refactor multiple schemas to ensure backwards compatibility.

JSON Basic Structure

JSON is also human-readable, since it is based on the concept of key:value pairs and follows basic formatting rules. In this case, the only purpose of white space is to make it easier for humans to read. You must use a valid format, which normally means beginning and ending with curly brackets (i.e. { }), although square brackets (i.e. [ ]) are used in some cases. In addition, every element except the last one needs to be followed by a comma so that everyone knows there are more values to follow.

In the following JSON key:value example, the keys are shapes and the value of each key is the number of corners that the shape has.

{    “triangle”: 3,

    “square”: 4,

    “octagon”: 8

}

Basic JSON key:value Example

Data Types

When it comes to values, there are really only three data types. However, the values can be stored in arrays or objects, as defined below:

TypeDescriptionExample
StringAlphanumeric sequence (written in double quotes).“day”: “Saturday”“time”: “2021-03-11”
NumberAn integer (not in double quotes).“guestsNumber”: 25
BooleanValue can be true/false (not in double quotes).“surpriseParty”: false

Note: Numbers and Boolean values don’t need to be contained in quotes. However, string values and key names must be contained in quotes.

What Is a JSON Object?

JSON objects are items defined with multiple unique key:value pairs below them. Objects are contained within curly brackets, which is why most JSON data that is handled within these workflows will start and end with curly brackets. In fact, all of the data used within a workflow is one single object containing multiple sub-objects.

If we extend our previous example to include the number of sides as well as corners, we’ll end up with a unique object for each shape:

{    “triangle”: { “sides”: 3, “corners”: 3 },

    “square”: { “sides”: 4, “corners”: 4 },

    “octagon”: { “sides”: 8, “corners”: 8 }

}

JSON Object Example

JSON Arrays

Now you know how to create simple key:value pairs and unique objects. Sometimes, however, you need to record things as data using a common format, but the data itself is unique for each item. In such cases, you would define an array using square brackets ( [ ] ) around the set of key value pairs that need to be stored in the data.

For example, you can make a single object called “shapes” that contains an array for the data: 

{    “shapes”: [

        { “type”: “triangle”, “sides”: 3, “corners”: 3 },

        { “type”: “square”, “sides”: 4, “corners”: 4 },

        { “type”: “octagon”, “sides”: 8, “corners”: 8 }

    ]

}

JSON Array Example

How to Use JSON to Reference Data

Now that you know what the structure of JSON looks like and how easy it is to follow, we’ll explain how to address specific places inside the JSON data. To do so, you can either target the retrieval of the current state or grab an entire array.

How to Reference JSON Objects / Arrays

Let’s start with the basics of accessing data from an object. JSONpath is built using dot notation, which is a common type of syntax used in many programming languages to access the properties of an object. The basic JSONpath for accessing an entire object is “$.” These two characters will be at the beginning of every JSONpath in Torq.

For instance, to access the value of “triangle” in the first example (a simple JSON with a few key value pairs), you’d begin the path with the root “$.” and add the name of the key that you want to retrieve. So, in our example, “$.triangle” would return the value of 3.

Let’s say you wanted to access something that’s multiple levels down in the object. Using the JSON in the second example, you’d build on the base of “$.triangle” and add “.sides.” So, in this case, “$.triangle.sides” would return the value of 3.

Referencing JSON Arrays

Arrays are handled slightly differently, since they consist of multiple instances of data in a single object. To access data in an array, you can use square brackets and specify the desired record number. Or, if you leave the square brackets off, you’ll get the entire object back.

For instance, using the JSON in the third example, you’d start with the base and ask for all of the records in shapes with the “$.shapes” JSONpath. You would use “$.shapes[0]” if you only wanted the first record. (In JSON, record numbers start at zero, not one.)

You can also pull back the number of sides in every record without pulling the rest of the data. The syntax is similar, except that you replace the index number with a colon to access all records. So, “$.shapes[:].sides” would return “{ 3,4,8 }” as the result.

Once you’ve mastered the art of navigating JSON, you can start to do more advanced filtering within JSONpath. Using the third, “$.shapes[?(@.sides>5)]” would return a record of every shape in the array that has more than 5 sides.

There are many online tools that you can use to validate that these examples really work (like JSONpath.com).

JSON-Based Workflows

Now that you know what the data structure looks like in JSON, as well as how to reference specific values in that data with JSONpath, you have the option to build highly customized workflows to bring sanity and a sense of control to the most challenging manual work within your organization… Not that you’d need it, since Torq offers data-driven, zero-code security automation.

Get a Demo
Share

Related Articles

Product

How to Automate Intune Reports for Device Compliance with Torq

By Torq
February 6, 2025
2 Minute Read

Contents

Whether for managing remote teams, supporting ‘bring your own device’ (BYOD) policies, or simply another layer in a data protection strategy, services like Microsoft Intune offer greater control over the devices on your network. But using the data from these services often requires tedious prep work, and this process is likely repeated multiple times a week, if not daily. 

Tedious, repetitive, structured: these are all signs that a process can and should be automated. Torq offers dozens of pre-built templates to help security teams add efficiency to processes like these. Here we’ll show a workflow that automatically generates a daily report on device compliance from Intune, and delivers it to Slack. 

How Torq can Automate Device Compliance Reports  

The default trigger for this workflow is set to run once a day, but you can customize the duration based on your needs. Similarly, the default chat application is Slack, but changing to Microsoft Teams or other apps takes just a few clicks. 

Here’s how it works:

  1. Torq will generate an access token and pull the list of devices from Intune, then filter for the ones that are tagged as non-compliant. 
  2. It will loop through each of those devices to look for a registered user, then split the list based on whether or not a user is found.
  3. Next it generates the actual report, which is built from a set of pre-defined messages that you can customize.
  4. Finally, the last step is to send everything to a designated Slack channel. 
A segment of the workflow template available in Torq

This is a good example of how a relatively simple, pre-built template can make a big impact on recurring security activities. With just a few minutes of setup, you can eliminate hours of tedious work and improve your compliance efforts. 

Get the Workflow Template

Already a Torq customer? You can find this workflow, and many more in the template library. Just add it to your Torq account, provide your Microsoft credentials, specify the report frequency, and enjoy.

Get Started Today

Not using Torq yet? Get in touch for a trial and see how our no-code automation platform can add efficiency to your operations and improve overall security posture.

Share

Related Articles

News Product

Torq Signed the CISA Secure by Design Pledge

By Aner Izraeli
February 5, 2025
7 Minute Read

Contents

At Torq, our commitment to security has always been at the forefront of our mission to empower businesses through our SaaS platform.

Today, we’re proud to announce a significant step forward in our security journey: Torq has signed the CISA Secure by Design Pledge.

This pledge underscores our dedication to ensuring that our customers can trust our platform to uphold the highest security standards, enabling customers to focus on their goals without concerns about their security posture.

Advancing Security by Design

The CISA Secure by Design Pledge perfectly aligns with our approach to security. This initiative emphasizes the importance of building security into the foundation of all products and services.

For Torq, this means integrating robust security measures throughout our development lifecycle, from initial concept to deployment and beyond.

By signing this pledge, we are reinforcing our commitment to:

  • Proactive security measures: Embedding security into every layer of our platform, ensuring our customers’ data is protected at all times.
  • Transparency: Providing clear, actionable information about managing and securing data, empowering our customers to make informed decisions.
  • Continuous improvement: Regularly evaluate and enhance our security practices to stay ahead of evolving threats.

What This Means for Our Customers

When you choose Torq, you’re not just selecting a SaaS solution but partnering with a company that prioritizes your security. Our adherence to Secure by Design principles means:

  • Minimal configuration risks: Our platform is designed to work securely out of the box, reducing the burden on your team to configure complex security settings.
  • Enhanced resilience: With built-in safeguards and automated protections, your organization’s security posture remains robust despite emerging threats.
  • Ongoing support: We’re committed to providing tools, resources, and guidance to help you confidently navigate security challenges.

This blog post outlines our commitment, investments, and transparency in those Secure by Design principles and our plans for the upcoming security year 2025.

Multi-factor authentication (MFA)

“Within one year of signing the pledge, demonstrate actions taken to measurably increase the use of multi-factor authentication across the manufacturer’s products.”

Torq’s customer’s default application authentication is SSO-based via federation through external identity providers, ensuring uncompromised authentication standards for our customers.

This approach ensures consistent MFA configuration and enforcement with their identity provider’s MFA settings.

Torq supports SAML 2.0 and OpenID Connect with code flow and implicit grant type. It’s compatible with many enterprise IDPs, including:

  • Google
  • Microsoft Entra ID
  • Okta
  • OneLogin

Supported SSO Methods and Protocols

  • Open ID connect
  • SAML 2.0

Default passwords

“Within one year of signing the pledge, demonstrate measurable progress towards reducing default passwords across the manufacturers’ products.”

Torq’s customers are invited to their new workspace by an invite email directly sent to their corporate mailbox.

The invite email contains a unique invite link, and clicking it invokes the authentication process.

When a customer’s admin user logs in to their Torq account using the invite link, they use their email and self-generated password; hence, no default passwords are involved.

Per policy, customers are informed that 2FA is necessary to continue.

The user must scan the QR code presented or enter the activation code into a recognized authenticator application on their cellular device.

Upon completion, the customer can set up the organization’s SSO, which neglects password usage thereafter.

Torq’s application password policy enforces the following criteria:

  • Between 8 to 20 characters
  • At least one capital letter
  • At least one lowercase letter
  • At least one number
  • At least one special character

Reducing entire classes of vulnerability

“Within one year of signing the pledge, demonstrate actions taken towards enabling a significant measurable reduction in the prevalence of one or more vulnerability classes across the manufacturer’s products.”

Torq adopts a “security by design” approach to effectively minimize attack surfaces that are vulnerable to potential threats.

That said, to effectively deal with zero-day attacks and reduce vulnerabilities, Torq has a few key components aiming at that goal, such as:

  • Penetration testing
  • Scanning Torq’s supply-chain pipeline, including code dependencies (open source), containers (dockerfiles), code (SAST), Secrets, and IaC as part of SDLC and CICD
  • Utilizing the world’s best-of-breed CNAPP
  • Utilizing Distroless cloud workloads
  • Utilizing an EDR vulnerability scanning module on Torq’s laptop devices fleet and addressing findings through automation

Looking ahead:

Over the course of the following year, we intend to focus on improving runtime visibility, gaining better and higher vulnerability verdict.

Security patches

“Within one year of signing the pledge, demonstrate actions taken to measurably increase the installation of security patches by customers.”

As a SaaS offering, Torq’s application is updated continuously through a process where Torq manages the deployment of new features, bug fixes, and security patches. Customers benefit from automatic updates without needing to install new versions manually. Torq’s Continuous integration and deployment (CI/CD) pipelines enable rapid, frequent updates, allowing it to deliver improvements and patches quickly while ensuring stability and performance.

No action is necessary on the customer’s part to have these patches automatically applied to their workspaces.

Customers are notified through Torq’s “what’s new” segment and through https://kb.torq.io/en/

Vulnerability disclosure policy

“Within one year of signing the pledge, publish a vulnerability disclosure policy (VDP).”

In addition to Trust Center, where customers can obtain up-to-date reports, policies, and the status of Torq’s security posture, Torq also maintains a Security and Compliance public page within its torq.io commercial website – https://torq.io/security-compliance/

At the bottom of this page, visitors are introduced to Torq’s privacy and security mail accounts for any security-related matter, including vulnerability disclosure.

Torq addresses and responds to any approach made.

https://torq.io/security-compliance/

As a continuous improvement, the process could be enhanced by having a dedicated online form for a better vulnerability disclosure experience within Torq’s security-compliance page.

CVEs

“Within one year of signing the pledge, demonstrate transparency in vulnerability reporting.”

At Torq, we take security seriously and continuously monitor our platform for vulnerabilities. Unlike traditional software that requires customers to manage their own patches, SaaS platforms like ours are centrally managed, allowing us to rapidly mitigate security issues without requiring customer intervention.

CVE (Common Vulnerabilities and Exposures) program focuses on publicly disclosed security vulnerabilities in software products, hardware, and firmware.

Torq is a SaaS offering that, by its operational fashion, is non-distributable and installed on its customers’ end. Hence, it does not directly fit and is obligated to issue CVEs disclosure.

We believe in transparency and proactive security measures.

Our approach to vulnerability management includes:

Continuous monitoring and rapid patching – We detect and remediate security issues before they impact customers.

Customer notification – We will notify impacted customers if a vulnerability affects data security or compliance.

Third-party component reporting – If an issue involves open-source or third-party software, we may issue a CVE when appropriate.

Security bulletins – We publish important security updates via our Trust Center.

Regulatory compliance – We align with industry standards (e.g., SOC 2, ISO 27001, FedRAMP) to ensure best-in-class security.

Evidence of intrusions

“Within one year of signing the pledge, demonstrate a measurable increase in the ability for customers to gather evidence of cybersecurity intrusions affecting the manufacturer’s products.”

Torq generates audit logs. These logs provide a comprehensive record of events within a workspace, capturing various actions and changes. They record events such as user activities, workflow changes, and resource modifications. Typically, log entries are created immediately after an action is taken. The audit logs include the event occurrence, timestamp, the user or service that initiated the action, and the affected entity.

To enhance the security and oversight of your workspace, audit logs could be streamlined to a SIEM or bucket using Torq workflows, steps, or API.

Looking Ahead

As cyber threats evolve, Torq’s security journey doesn’t stop here. Signing the CISA Secure by Design Pledge is just one of many steps we’re taking to ensure our platform remains a trusted partner for businesses worldwide. Our team will continue to innovate, collaborate, and advocate for security practices that benefit not only our customers but the broader digital ecosystem.

We’re excited about this new chapter and its meaning for our customers. By seamlessly integrating security into our solutions, we’re not just mitigating risks — we’re enabling your success.

Stay tuned for more updates on how we’re driving security excellence at Torq, and feel free to reach out if you have any questions about our Secure by Design journey.

Share

Related Articles

Integrations

Cloud Security Automation with Torq + Sweet Security

By Torq
February 4, 2025
5 Minute Read
Learn how Torq and Sweet Security empower SOCs to detect threats in real-time with cloud security automation, neutralizing threats in minutes, not days.

Contents

For security teams, resolving a cloud incident takes an average of 10 days — time attackers can exploit to cause further damage. The problem? SOCs often lack the context and cloud security automation they need to respond faster. That’s where the partnership between Torq and Sweet Security changes the game.

Why SOCs Need Torq and Sweet Security

Sweet Security delivers the real-time, cloud visibility SOCs need to identify threats quickly and accurately. Torq takes it further by automating the response process, bridging the gap between detection and action. Together, they empower SOC teams to neutralize threats in minutes — not days — reclaiming control over their cloud environments and staying ahead of attackers.

Sweet Security: Raising the Bar for Cloud Detection and Response

Sweet Security approaches cloud protection with precision and expertise that stands apart. Their platform combines unified cloud visibility across the cloud infrastructure, workloads, and applications with deep runtime context, enabling SOCs to detect and neutralize real-time threats as they unfold. By integrating cutting-edge, cloud-native technologies, Sweet equips security teams to handle even the most sophisticated attacks with confidence and resilience. 

Sweet’s Detection & Response capabilities reduce MTTR by enriching incident insights with detailed information on human and non-human identities, including roles, users, and service accounts. By correlating siloed cloud events into a comprehensive attack story and leveraging an advanced threshold mechanism to minimize false positives, Sweet ensures deeper context and alerts only on high-probability malicious incidents. Seamless orchestration with Torq further amplifies these capabilities.

Torq Hyperautomation: Transforming SOC Operations

Torq has redefined what’s possible for SOCs by enabling Hyperautomation across workflows. With Torq, SOC teams can design, deploy, and scale automated incident responses — reducing manual work and freeing analysts to focus on critical decision-making. Whether it’s accelerating the triage process, auto-remediating threats, or optimizing collaboration between tools and teams, Torq’s platform brings unmatched speed and precision to security operations.

Together, Torq and Sweet Security’s integration achieves what was once thought impossible: full-spectrum cloud protection, automated at scale.

What the Integration Delivers to SOC Teams

Torq and Sweet’s integration creates a seamless threat detection and resolution pipeline. Here’s how:

  1. Unified cloud visibility meets real-time automation: Sweet Security provides SOCs unparalleled insight into cloud environments, while Torq transforms these insights into automated actions. When Sweet’s platform identifies an anomaly, Torq can immediately trigger a workflow to respond to the threat.
  2. Proactive incident response: Cloud attacks often unfold in seconds, leaving SOC teams little time to react. With this integration, Sweet’s real-time detection feeds directly into Torq’s cloud security automation workflows, enabling SOCs to mitigate threats faster. For example, Sweet’s advanced capabilities allow for the detection of the human identity responsible for an incident and the ability to directly question the user about their activity — without requiring SOC intervention.
  3. Customizable workflows for every cloud environment: No two organizations operate the same cloud stack. Torq’s no-code platform allows security teams to tailor response workflows that align perfectly with their unique cloud setups, ensuring that Sweet Security’s detections are met with tailored, effective responses.
  4. Enhanced SOC efficiency and morale: Automation doesn’t just eliminate repetitive tasks — it empowers SOC teams to operate at their best. By integrating Sweet’s intelligence with Torq’s workflows, analysts are no longer bogged down by manual processes, allowing them to focus on strategic initiatives that strengthen overall security posture.

A Use Case: From Detection to Mitigation in Minutes

Imagine this scenario: Sweet Security identifies unusual activity in a cloud environment, flagging a misconfigured container with potential malware. The alert triggers a prebuilt Torq workflow that:

  • Enhances alerts with additional context from threat intelligence sources, as well as data from cloud provider APIs and log services, such as AWS CloudTrail and CloudWatch.
  • Automatically reaches out to asset owners through Slack or Microsoft Teams, enabling them to remediate minor issues without involving the SOC.
  • Isolates the container while verifying the presence of malware.
  • Deploys a remediation script to correct the misconfiguration.
  • Directly engages the suspected user to verify their activity — eliminating the need for SOC intervention.

All of this occurs in minutes — not hours or days — significantly reducing the attack’s impact.

Example cloud security automation workflow with Torq and Sweet Security.

Looking Ahead: Strengthening the Future of Cloud Security

The Torq and Sweet Security partnership isn’t just about solving today’s cloud security challenges — it’s about preparing SOCs for the future. With the increasing sophistication of cloud-native attacks, the ability to integrate real-time detection with scalable automation will be a non-negotiable for every security team.

At its core, this collaboration underscores a simple but powerful truth: when detection meets automation, SOCs can achieve extraordinary outcomes. By combining Sweet Security’s advanced cloud-native detection with Torq’s Hyperautomation platform, security teams are no longer playing catch-up. They’re setting the pace.

Ready to See Cloud Security Automation in Action?

For a detailed walk-through on integrating Torq and Sweet, check out the Knowledge Base article

To learn more about how Torq and Sweet Security are transforming cloud security, schedule a demo today and experience the future of SOC operations firsthand. 

Share

Related Articles

Insights

Torq Announces 300% Revenue Growth and Opens EMEA HQ in London

By Don Jeter, CMO, Torq
January 28, 2025
4 Minute Read
Torq’s new London headquarters

Contents

Last year was an absolutely amazing year for Torq. The stats are just mind-blowing: 300% revenue growth and 200% employee growth. We also closed our $70M Series C round, bringing our total funding to $192M.

In 2024, we officially closed the door behind us on SOAR and blew open the door ahead for Torq Agentic AI security solutions, which are now used by some of the biggest names in cybersecurity, consumer packaged goods, industrial automation, retail, and telecommunications. We’re talking about companies you know and love, like Abnormal Security, Check Point Security, Chipotle Mexican Grill, Deepwatch, Inditex (you may know them better by their brands Zara, Bershka, and Pull & Bear), Informatica, PepsiCo, Procter & Gamble, Siemens, Telefonica, and Wiz. And our unique security operations approach was validated by Gartner, IDC, Forrester, and GigaOm

EMEA Expansion and New London HQ

Well, guess what? We’re just getting started. In 2024, Torq achieved incredible market penetration across North and South America, and APAC, where Torq HyperSOC and Torq Hyperautomation products are now firmly established as the premiere Agentic AI and autonomous SOC solutions of choice for global enterprises. And now, I’m so pleased to let you know we’ve dramatically expanded operations across EMEA. 

We’ve got brand new EMEA headquarters in London, and we’ve appointed Usman Gulfaraz as our new VP of EMEA Sales. Usman is a high-octane, phenomenal leader, who was most recently responsible for global revenue at Speechmatics. Previously, he ran EMEA for Tessian, which he helped lead to acquisition by Proofpoint. And prior to that, he ran EMEA for Shape Security which he helped lead to acquisition by F5.  We’ve also just appointed Jaicee Matthews as our Head of EMEA Marketing. Jaicee previously led marketing teams for GTT, Edgio, and Lumen Technologies. Both of them are based in London.

I asked Usman for his thoughts and here’s what he told me: “I’m absolutely elated to join this world-class team of cybersecurity professionals making such a huge difference for enterprises around the world. Every day, I’m increasingly hearing from EMEA customers and prospects about their excitement about Torq HyperSOC featuring our Agentic AI Multi-Agent Framework. Demand is so high for Torq, I barely have time to write this quote for you, Don. The sky’s the limit for Torq and the fact that my email and phone are constantly blowing up says it all.”

Accelerating EMEA Partner Momentum

Our EMEA partner base is also increasing by leaps and bounds. It already includes AdvanceSec, Bytes Software Services, Check Point, GlobalDots, Nubera, Nueva Group, Softcat, Tata Group, Wiz, and WWT, with dozens more about to sign. 

Here’s what Adam McCaig, Head of Security Strategy and Services at Bytes Software Services, had to say: “We’re thrilled to partner with Torq and continue to deliver innovation that matters to our customers. Demand for Torq’s game-changing Hyperautomation Platform and Torq HyperSOC continues expanding exponentially. Together, Torq and Bytes Software Services are making enterprise SecOps teams across EMEA more productive and focused with their AI-driven SecOps and autonomous SOC solutions, ensuring organizations can mitigate existential security issues before they have a chance of creating adverse impacts.”

Focus on Autonomous SOC

In 2025, you can expect even more generational, transformational shifts from Torq as we take our AI-driven, autonomous SOC focus to the next level. You’re going to witness some of the most innovative product and capability unveilings in the history of modern cybersecurity. We’re going to deliver on the promise of true autonomy and introduce SecOps efficiencies and productivity boosters the likes of which you’ve never seen before.

We can’t wait to show you what’s coming up!

Share

Related Articles

AI

Maximizing AI Autonomy: Achieving Reliable AI Execution Through Structure and Guardrails

By Gal Peretz
January 21, 2025
5 Minute Read

Contents

Gal Peretz, Head of AI & Data at Torq

Gal Peretz is the former Head of AI & Data at Torq. Gal accelerates Torq’s AI and data initiatives, applying his deep learning and natural language processing expertise to advance AI-powered security automation. He also co-hosts the LangTalks podcast, which discusses the latest AI and LLM technologies.

Our previous blog post explored how planning with AI systems can set the stage for smooth collaboration between humans and machines. However, a solid plan alone isn’t enough. The next step is orchestrating the execution — ensuring that the AI system can carry out tasks autonomously while maintaining guardrails that prevent errors, hallucinations, or false actions.

The Challenge of Direct Execution: LLMs Alone Aren’t Enough

Moving from a free-text runbook to execution without a structured schema is where most AI implementations fail. While large language models (LLMs) are powerful, they continue to struggle with AI autonomy due to:

  • Hallucinations: Making incorrect assumptions or executing invalid steps.
  • Ambiguity: Choosing the wrong tools or extracting incorrect arguments from the execution context to pass to the next step.
  • Lack of Determinism: Struggling to execute tasks consistently without a clear structure, often leading to indeterministic execution where the AI agent may jump between steps out of order or skip them altogether.

Simply put, letting the LLM orchestrate execution without structure and guardrails lacks the precision needed for a reliable execution process.

Streamlining the Execution of a Clear and Reliable Plan

To address this, Torq implements a concrete structured execution scheme that ensures Torq’s AI system performs tasks deterministically and without ambiguity. Once the high-level plan is developed, the AI extracts each step as an atomic unit — clear, precise, and sequential. 

This structured approach eliminates the risks of indeterministic execution, where the AI agent might skip steps, go out of order, select incorrect tools, or misinterpret arguments due to vague instructions. 

Think of it like following a recipe step by step: after deciding to ‘make dinner,’ you break your activities into clear, sequential micro-tasks like ‘bring water to a boil’, then ‘add pasta to the water.’ 

Similarly, Torq built our AI to execute a detailed plan one micro task at a time, in the right order. This allows Torq’s AI system to analyze and break down instructions and examples for each step, ensuring the AI completes the overarching task accurately. By eliminating ambiguity, the structured execution guides the AI to select the right tools and arguments at every stage, delivering consistent and reliable results.

AI Guardrails: Balancing AI Autonomy and Control

While we aim to maximize AI autonomy, balancing it with guardrails is critical to ensuring its safe and reliable execution. These guardrails act as safety nets that prevent the AI from taking false or unintended actions, ensuring human oversight remains available when necessary.

The key is for the AI to be able to break down the execution process into atomic steps that it can handle precisely. The system then focuses on clear micro-tasks for each step, reducing ambiguity and enabling the AI to perform confidently. 

However, when the AI encounters uncertainty — such as ambiguous context, missing tools, or incomplete arguments — it pauses execution and escalates the decision to a human operator. This human-in-the-loop mechanism mitigates the risks of hallucinations or incorrect tool usage, providing a safety checkpoint before the AI proceeds.

By combining structured execution with these dynamic guardrails, we can push the boundaries of AI autonomy. This allows the AI to operate efficiently and autonomously in most cases, saving significant time and resources while ensuring that safety and accuracy are never compromised.

Screenshot showing an example of an AI system seamlessly delegating control to a human when it lacks permission to execute a critical task, demonstrating how AI autonomy and human oversight work together seamlessly.
Figure 1: Example of an AI system seamlessly delegating control to a human when it lacks permission to execute a critical task, demonstrating how AI autonomy and human oversight work together seamlessly.

Reliable AI-Powered Execution at Scale

Orchestrated execution unlocks AI’s full potential by combining precision, autonomy, and control. By leveraging a step-by-step structure, AI can focus on atomic tasks, ensuring consistency and reliability at every stage. This approach streamlines workflows requiring constant human intervention, enabling AI to act efficiently while remaining grounded in a structured plan.

For Security Operations Center (SOC) teams, this translates to faster and more reliable execution of security runbooks at scale. This reduces the need to micromanage AI-powered SOC processes or perfect the prompts to control the AI, giving SOC teams more time for higher-value tasks while ensuring confidence in the AI’s structured execution.

The Future of AI Autonomy in the SOC

Choosing solutions that orchestrate AI execution with appropriate guardrails is critical for building trust, efficiency, and precision in today’s SOC operations. AI that structures execution as a series of deterministic micro steps and balances AI autonomy with human oversight allows SOC teams to confidently rely on AI systems to streamline their workflows.

This collaborative approach enables SOC analysts, engineers, and managers to:

  • Maintain control over automated processes
  • Trust in AI’s reliability for step-by-step execution
  • Focus on higher-value work while reducing uncertainty

The result is a stronger, more efficient autonomous SOC environment where human expertise and AI capabilities work seamlessly together. Schedule a demo today.

Read the rest of Gal’s blog series about AI in the SOC:

Share

Related Articles

See Torq in Action

Get a demo to see how Torq helps you harness AI in the SOC to detect, prioritize, and respond to threats faster.

Is your security team ready to automate more, faster?