Fast Fashion Giant Automates Security Operations on Global Scale

The Problem: Siloed and Manual Processes Across Complex Global Security Operations

A heavily siloed and manual security environment that relied on legacy SOAR forced Tier-1 analysts at a global fashion retailer to spend most of their time checking the influx of alerts coming in from numerous disparate tools. The sheer volume of thousands of detections every day, combined with the potential for false-positives and lack of integration across their detection platforms, strained resources and made it difficult to shorten their detection lifecycle. 

Additionally, unclear end user request tickets wasted days of time, while diverse security requirements for teams in different countries added another layer of complexity. 

The Solution: Powerful Case Management and Workflow Building from Torq

Two years ago, the organization’s security automation team selected Torq for its powerful case management and ease of building automations. The Torq Hyperautomation™ platform’s intuitive user interface and drag-and-drop workflow builder empowered analysts of all skill levels to create and modify automations. Key improvements included:

• Enhanced case management: Torq’s case management automation reduces analyst workloads and provides a unified place to track and manage cases.
• Seamless integrations: The organization was able to easily connect their security stack, including core integrations with CrowdStrike for rapid incident response, as well as VirusTotal, Microsoft, and many more.
• Automated detection lifecycle: Torq enabled automated alert triage and enrichment, reducing the burden of manual analysis and speeding up response.  

Torq in Action: Streamlined End User Requests and Just-in-Time Access 

Improved end user experience: Torq enabled the security automation team to implement a bot-based menu to handle common end user requests, which formerly often lacked crucial information and wasted days of time. This greatly sped up processes like end user access requests and approvals, which, thanks to Torq automations,  can now be done in Teams rather than via app logins.  They now save a week of time on every end user ticket, and are down to just one to two minutes for resolution.

Streamlined just-in-time administrative access: Torq automated the provisioning and removal of administrative access to workstations (Mac, Windows, Linux, cloud, and hybrid), minimizing security risks and streamlining a previously complex and friction-heavy process.  Their Security Automation Manager said, “Now it’s so easy to pull in the devices being worked on. The [Torq] workflow elevates everything and at the end of the day all permissions are removed, reducing risk around administrating workstations.” 

As the security automation team continues to build more automations that save time across many functional areas, they’ve been impressed with the technical expertise of the Torq team and the partnership Torq shows in recommending how they can improve a workflow or reduce steps for greater efficiency. “It’s been a really great experience… It’s awesome for us.”