What's New?

We've introduced new integrations for Cyera, FIRST, and SSLLabs, along with new steps for existing integrations, various enhancements, and new templates. For full details, check out the complete digest.

Want even more streamlined automation? Use Torq's new Deduplicate Operator! Effortlessly handle burst events, recurring reports, repeated indicators, and more without clogging up your workflows.

The Deduplicate Operator automatically identifies and processes duplicate entries across workflow executions, based on your specified criteria and time range. The operator helps avoid repetitive input, allowing you to consolidate repeated trigger events, prevent duplicate case creation, streamline records, and more!

Say goodbye to data clutter and hello to a cleaner, more powerful automation experience with Torq!

Case management settings are now centralized in the Settings > Cases page, simplifying customization to align with your organization’s specific needs.

We’ve introduced three new settings:

• Categories: Manage categories for accurate case classification.
• Resolution Reasons: Manage the reasons analysts can specify when resolving or closing cases.
• States: Create custom states and edit the default ones for accurate tracking.

More details can be found in our knowledge base.

As all workflow builders know, building custom steps with Torq's Step Builder (and other customizing options) is an innovative and flexible way to meet your organization's specific needs. Now, when importing and exporting a workflow containing custom steps or integrations, those steps/integrations will also be added and available within the destination workspace.

We've introduced new integrations for Absolute Software, Check Point Harmony Mobile, EchoTrail, Gytpol, incident.io, IOCParser, Mitiga, oomnitza, Polarity, PostgreSQL, Pulsedive, and TruSTAR, along with new steps for existing integrations, various enhancements, and new templates. For full details, check out the complete digest.

We've enhanced the notes experience in cases with these updates:

• Increased character limit to 65,000.
• Added easy image resizing with aspect ratio preservation and an option to view images at full size.

More information about notes in cases is available in our knowledge base.

Introducing the Data Transformation Operator! Processing large amounts of data to create consistent and navigable output can be overwhelming, so Torq's Data Transformation Operator is here to help! Give instructions in natural language to generate JQ code on any JSON input.

Data Transformation supports mapping and extraction, converting data types, math functions, and more! As with all Torq operators, its use is intuitive for builders of all levels - coders and non-coders alike.

So what are you waiting for? Go transform your data - and your automations - now!
​
If you do not see the new Data Transformation operator, it may be because your organization opted out of Torq AI features. Please contact Torq support if you have not opted out and still do not see the feature.

Case management settings are now centralized in the Settings > Cases page, simplifying customization to align with your organization’s specific needs.

Available settings (with more coming soon) include:

• Auto Refresh: Adjust the auto-refresh interval for the Cases page.
• Public Notes/Comments: Enable the option to mark notes and comments as public.

More details can be found in our knowledge base.

Torq Interact has just expanded its capabilities! Now, you can create a portal interface for your internal organization end users. Easily present users with a seamless interface to access and execute Torq Interact workflows. Enhance operational efficiency by leveraging cross-organizational portals for streamlined, automated actions and real-time data access.

Follow this How-To and create your Portal today!

We’ve improved the Set a Custom Field's Value step to allow multiple custom fields to be updated in a single execution. As a result, the step has been renamed to Set Custom Fields Values.

You can now use the Input mode dropdown to select whether to update a single field or multiple fields. To update multiple fields, provide the key-value pairs in JSON format.

Note that if you have workflows triggered by the Custom Field Updated cases trigger scenario, the trigger event will differ when using the option to modify multiple fields.

Create a Service API key to eliminate your workspace's reliance on user presence. Private API keys are liable to break should a user be removed from a workspace. This is solved by introducing Service API keys, which are associated with the workspace they belong to, not to any one user, and created by an Owner of the workspace.

The process is simple: go to your API key page and toggle from Private to Service. Pick the appropriate role for the key's access level, and click Create. The API key will now be accessible for any workflow within the workspace and will not break even if the creating user is removed.

We've introduced a new RBAC scope, cm.case.delete, allowing you to create custom roles without case deletion permissions.

By contacting Torq support, you can create a custom analyst role without deletion permissions, ensuring only authorized team members can delete cases.

All Torq roles with case management write access have been updated to include this new scope, ensuring they retain their previous abilities without any changes.

For more details on roles and scopes, visit our Knowledge Base.

Use the Create a Case from JSON step to generate cases by passing attributes in JSON format.

This step offers more flexibility than the standard Create a Case step, allowing you to define additional attributes like custom fields, custom SLA timers, quick actions, and a runbook within the JSON object.

A detailed JSON input example is available in the knowledge base and within the step itself.

We've introduced new integrations for Cyberint, DeskPro, Google Chat OAuth, and Rootly, along with new steps for existing integrations, various enhancements, and new templates. For full details, check out the complete digest.

You can now leverage the AI-generated case summary in the Overview tab of each case to streamline your investigations. Designed for clarity, the summary highlights essential details such as key events, critical timestamps, potential impacts, and significant indicators.

The summary, drawing from various case attributes—including the case description, observables, notes, and timeline comments—is automatically updated with every major change.

More information is available in our knowledge base.

In addition to the severity levels of Low, Medium, High, and Critical, you now have the option to set the severity of cases to Informational. This level is intended for non-threatening events that provide relevant context and details, such as software updates, non-critical alerts from third-party systems, routine user activity, and more.

We’ve added advanced logic directly into your Torq Interactions. Enhance the end-user experience by dynamically presenting questions and information based on live responses. This dramatically reduces form completion and creation time and increases accuracy and user-centricity.

Insert conditional elements in your Interactions using the Condition element under Control Elements. Create a condition and drag relevant display and input elements under your conditional. These elements will only be shown should the condition be met.

By placing elements under a condition, you receive ultimate specificity within your Torq Interactions and can dynamically adjust your automated interactions with all possible scenarios.

We've added two new RBAC scopes to provide more granular control over case visibility: cases.read.attr.assigned.to.others and cases.read.attr.unassigned.

You can use these scopes to create custom roles with tailored visibility controls. For example, by reaching out to Torq support, you can easily set up a role that restricts users from viewing cases not assigned to them, boosting security and safeguarding sensitive cases.

All Torq roles with case management access have been updated to include the new scopes, maintaining the same visibility to all workspace cases as before. Additionally, all users with case management access will always have visibility into cases assigned to them.

For more details on roles and scopes, visit our Knowledge Base.

Torq is always looking for ways to save analysts' time. Our newest update does just that: it reduces cognitive load and minimizes unnecessary workflow executions with a simple checkbox.

Allow analysts to cancel Cases tasks:

• When configuring the settings of an Interaction Flow, you can check the box Allow end-users to cancel tasks.
• Analysts can then "delete" pending tasks and redo the handling process should they need to start handling a case from scratch.
• Upon canceling a pending task, the related workflow execution will also be stopped.

Additionally, we've updated the timeout for tasks and Interaction web pages. Now, you can select to cancel workflow executions entirely upon timeout.

• If a task or web page is not completed or submitted within the set time, the related workflow execution will automatically be stopped.
• To enable the timeout, check the Stop workflow execution box when configuring the Interaction Flow settings.

PS: Check out the new Expand button and start reading tasks without squinting.

You can now track key metrics and information about your organization’s workspaces in Torq using the Organization Management page.

This page, accessible to users with the Organization Manager role, allows them to view the complete list of workspaces, identify workspace owners, and monitor key metrics related to the Torq license without needing to be members of every workspace. This setup enhances administrative oversight and helps optimize your organization’s use of Torq.

If the Organization Management page isn’t visible in your workspaces list, contact Torq support to have it set up for your organization.

More information is available in our knowledge base.