What's New?

Now you can view a structured table of cases associated with an observable, including key details like status, resolution reason and timestamps. Easily assess historical relevance and investigative impact from the observable view, with seamless navigation between related cases.

We’ve updated the case preview—now easier to scan at a glance!

Information like the case severity, category, and creation time is now more accessible and easier to read in both the case card and quick views.
Everything you’re used to is still there—just better organized, more intuitive, and quicker to navigate.

You can now use the Set case management SLA remaining time display step to customize how SLA (Service Level Agreement) times are shown—either as time remaining or time elapsed. This setting is applied at the workspace level, ensuring a consistent display format for all users.

When viewing a case, users can quickly identify which time format is used and better assess the case’s urgency.

For more details, refer to our Knowledge Base.

We've introduced new integrations for Azure DevOps, Fact24, Google Search, Kaspersky, OSV, and VulDB, along with new steps for existing integrations and new templates. For full details, check out the complete digest.

Streamline data presentation with the display table element—now available in Torq Interact. Embed tables directly into your Torq Interactions, enabling real-time data display from securely exposed workspace variable tables and JSON tables.

We've introduced new integrations for Scanner, Transmit Security, Veeam ONE, Veeam Recovery Orchestrator, and Zabbix, along with new steps for existing integrations. For full details, check out the complete digest.

You can now use AI to auto-generate the Send an HTTP request step parameter values. This allows you to rapidly configure requests and minimize the time spent integrating third-party APIs.

If you don't see this feature, your organization may not have opted into AI.

Use the AI Task operator to enable no-code implementation of LLMs directly within workflows, transitioning from static, deterministic workflows to dynamic, AI-driven ones.

Streamline SecOps processes with AI, enabling countless use cases with just a drag of the operator.

If you don't see the new AI Task operator, it may be because your organization has opted out of Torq AI features. Please contact Torq support if you have not opted out and still don't see the feature.

Unlock the power of complete flexibility with Torq's Custom Integration Builder, enabling seamless connections to any service. By creating both step and trigger integrations, you can tailor & edit integrations to meet your exact needs and easily share them within your organization.
​
Go to Build > Integrations > Create New > Integration to try it now!

You can now save enrichment data, such as results from a threat intelligence service or internal business context, directly with the observable. This ensures the information is always readily available to anyone reviewing the observable, whether part of a case or on its own.

There are two ways to add enrichment data:

• Manually: Enter enrichment data when adding or viewing the observable from the Observables tab within a case.
• Automatically: Use the Enrichment optional parameter in the Create observable or Add observable to a case steps. Use the Update observable enrichment step to add or modify enrichment information anytime.

You can now auto-generate resolution details for your cases, allowing you to minimize the time spent manually summarizing case investigation findings.

Use Socrates to generate details about a case's closure or resolution based on a comprehensive analysis of all relevant case data.

Additional information is available in our knowledge base.

To perform additional analysis, you can export selected cases to a CSV file.

Apply filters to display only the cases you’re interested in, then click the Export All Filtered Cases icon to export them easily.

Additional information is available in our knowledge base.

With our new Loop experience, building Loops is more intuitive than ever! Within the new Loop UI, you can easily switch between types and modes, add next-step operators, and conveniently rename Loop values and keys.

We’ve introduced new integrations for Sweet Security, Toast, and Veeam and new steps for existing integrations like CrowdStrike, VictorOps, and Microsoft Outlook. For full details, check out the complete digest.

​

​

We’ve introduced the Resume Execution step, which provides you with precise control over workflows involving the Wait operator.
​

Use the Resume Execution step to signal a Wait operator to stop waiting and continue the workflow for a given execution. This allows workflows to resume automatically based on defined conditions, such as completing an approval process or gathering enough threat intelligence for further action.

We’ve added a Custom Fields Operator parameter in the Query Cases step, providing greater control over case filtering. Select AND or OR to refine your queries, with OR set as the default for maximum flexibility.

We’ve added a Loading Screen operator to Torq Interactions, allowing you to display customized messages to keep end-users informed about Interaction Flow progress.

Add a Loading Screen between Interactions and use markdown to personalize messages with text, images, or GIFs, making the waiting experience more dynamic and user-friendly.

We’ve introduced the ability to continue Interaction Flows within nested workflows, making parent workflows more organized and easier to manage.

Simply add an Interaction Flow parameter to the On-Demand trigger of the nested workflow, pass the Interaction Flow from the parent workflow, and assign any nested interactions to it. This ensures a seamless end-user experience while keeping your workflows efficient and organized.

Torq’s custom steps offer unparalleled flexibility to meet your organization’s unique needs. Now, you can share a workflow with custom steps or custom integrations, and they’ll automatically be included and available in the destination workspace.

When exporting a workflow, its description and tags are now included, ensuring they remain intact when imported into another workspace.

This enhancement enables seamless transfer of additional workflow details across workspaces, preserving essential information such as categorization and context during exports and imports.