What's New?

You can now delete unnecessary observables from your workspace to reduce clutter and streamline case investigations.

Observables can be removed manually from the Observables page, or automatically.

When an observable is deleted, it's also removed from any associated cases. If the same observable is re-added later, its data and associations are restored.

We've introduced new steps and improvements for existing integrations, as well as new templates. For full details, check out the complete digest.

You can now trigger a Workflow whenever a Step Runner's health status changes. Both Healthy to Unhealthy and Unhealthy to Healthy state changes are logged as System Events.

You can now send Interaction Flow notifications directly to users in the Torq app. The destination users will receive a sidebar notification with direct access to the Interaction, making urgent tasks or follow-ups easier to notice and act on.
​

We’ve added three enhancements to Torq Interact to make building and debugging smoother and simpler:

• Dynamic Timeouts: Set Interaction Flow timeouts dynamically for workflows, tailoring them to each use case. No need to create multiple Flows to manage different timeouts. (Tip: Use the correct time format, e.g., 12m, 1h.)
• Evaluate Expressions: Instantly check context references inside Interactions with one click, making debugging and fine-tuning your Flows easier.
• Reassign Trigger Interaction Flows: With just a few clicks, you can change the Interaction Flow for a Torq Interact trigger to any Flow in the workflow or create a new one.

We've introduced new steps and improvements for existing integrations, as well as new templates. For full details, check out the complete digest.

Manage Runbooks efficiently with the new Runbooks page. Enjoy complete visibility and control of all Runbooks in your workspace, add new Runbooks, and edit existing ones.

The new Observables page gives you complete visibility and control. You can now search, sort, filter, and manage all observables in one place, for enhanced threat tracking and traceability.

Add new observables and edit observable attributes, including metadata and enrichment data.

You can now pin your preferred mode, keeping the navigation bar expanded or collapsed. Right-click to open pages in new browser tabs.

We've introduced new steps and improvements for existing integrations, as well as new templates. For full details, check out the complete digest.

The Builderbox is a more intuitive way to access everything you need to build powerful workflows.

Navigate through the different Steps and Operators, and choose to view only Steps from integrations configured in your workspace, or all available Steps.

Access the AI-powered case summary, case description, key observables, and notes—right from the quick view. Designed for fast, focused investigations.

The new Email Trigger lets you initiate a workflow from an incoming email—no credentials, no complex integrations, no friction.

Configure your source to send an email to the unique, autogenerated email address to trigger your workflow.

With the new Show in Sidebar ability, any Torq Interact-triggered workflow can now be launched directly from the sidebar. All Workspace members can now instantly access and execute critical processes without leaving the Torq app.

We've introduced a new integration for Akamai Application Security, along with new steps and improvements for existing integrations. For full details, check out the complete digest.

Workflows can now be triggered by a bulk action on Cases, such as Assign, Change state, Link, and Change severity.

The new Bulk action performed trigger enhances visibility into bulk operations, making it easier to audit activity, manage cases efficiently, and gain deeper operational insights.

Now you can view a structured table of cases associated with an observable, including key details like status, resolution reason and timestamps. Easily assess historical relevance and investigative impact from the observable view, with seamless navigation between related cases.

Automate the upkeep of your Workspace and Organization's Custom Roles with Torq's newest Steps! Streamline role management and autonomously manage permissions and access using the Create, Update, and Delete Custom Role Steps within your Workflows.

Configure inactivity timeout and session expiration settings in the new Security section of the Settings page, enhancing Workspace security. Ensure your Workspace's users are automatically logged out after inactivity and define a time limit for all sessions, reducing the risk of unauthorized access.

You can now proactively monitor and resolve Runner-related issues with Torq’s diagnostic collector. This enhanced visibility into your Runners’ health expedites troubleshooting and improves automation reliability. Make sure to update Runners to v25.06.4.

The Step Runner page also now displays additional metadata such as each runner’s creation time, creator, status, description, type (K8s or Docker), and version.