Torq Socrates delivers automated contextual alert triaging, incident investigation, and response

Torq announced an evolution of the Torq security Hyperautomation platform: Torq Socrates, cybersecurity’s Tier-1 analysis AI Agent.

Torq Socrates is designed to transform security operations by using AI to hyperautomate key security operations activities, including alert triage, contextual data enrichment, and incident investigation, escalation, and response. It combines intelligence signals from across organizations’ security ecosystems to drive autonomous remediation. It also learns and evolves as it accumulates and analyzes security events.

Torq Socrates introduces dramatic new efficiencies and incident response accuracy that alleviates the most critical challenges security analysts face, including alert fatigue, false positives, decreased visibility, and job burnout.

Torq Socrates is based on Large Language Models (LLMs) that intelligently analyze and understand organizations’ unique SOC playbooks to become an integral extension of their SOC teams. It is based on the ReAct (Reason + Act) LLM approach that interleaves AI-based reasoning with an informed, continuously-updated actionable methodology.

With Torq Socrates, security analysts remain in charge of processes and outcomes. Further, these responses and success criteria are documented, absorbed, and inform future decision trees Torq Socrates considers over time.

Torq Socrates seamlessly integrates with existing security tools. By leveraging Torq workflows and integrations as actions for the AI Agent, Torq Socrates consolidates data from previously disparate sources to achieve comprehensive event analysis and to execute rich threat containment and remediation strategies.

Torq Socrates incorporates and enriches threat intelligence from myriad threat intelligence sources, automatically enhancing existing events and alerts, and supporting the reasoning leading to executing containment and remediation actions. It auto-sifts through events and prioritizes and categorizes potential threats, enabling SOC analysts to pivot their attention to the most critical security incidents. Torq’s human-in-the-loop automation capabilities leave sensitive decisions and actions fully under the control of human operators, ensuring responsible AI adoption.

“Torq Socrates is a huge leap forward in applying the benefits of AI to SecOps efficiency and productivity,” said Ofer Smadari, CEO Torq. “Based on its capabilities, I anticipate 90% of Tier-1 and Tier-2 tickets will be resolved autonomously going forward. This represents a complete shift in how the industry thinks about SecOps. It goes far past the typical AI augmentation approach by enabling SecOps to replace significant parts of its Tier-1 and Tier-2 response approach with AI, enabling security professionals to focus on big picture strategic impacts and outcomes.”

“Torq Socrates is one of the first AI-based applications with significant potential to change how security teams operate for the better,” said Gai Hanochi, VP Business Technologies, Fiverr. “While a lot of products are merely AI hype, Torq Socrates offers a forward-thinking evolution of this cutting-edge technology. Torq Socrates has the elements for reshaping SecOps by driving incredible productivity and efficiency from existing staff, while future-proofing the organization against the evolving threat landscape without additional resources.”

“SentinelOne already leverages Torq to bring hyperautomation to our SOC,” said Joshua Blackwelder, Deputy CISO, SentinelOne. “Today, approximately 80% of our security alerts are assisted and accelerated by Torq workflows. We are excited about our close partnership and the innovation Torq is driving with AI. To analyze and enrich, and also autonomously respond to alerts, is a paradigm shift that will bring unprecedented efficiencies to security teams.”

Torq Socrates is an example of safe AI. It’s based on Torq workflows and operates within organization-defined parameters. Human approval is required in order to perform potentially disruptive actions such as quarantining an executive’s laptop, or blocking entire network segments.

In these cases, Torq Socrates will reach a human-in-the-loop decision point that requires user verification in order to move forward. Further, organizations benefit from flexible observability and in-depth audits of every action taken, including parameters and execution details.

In addition to mitigating cyber threats, Torq Socrates remedies one of the biggest issues facing security organizations today: recruiting and retaining qualified security professionals during a chronic talent shortage. Increasingly, CISOs are recognizing the need for intelligent automation and augmentation in their security operations to reduce the heavy burden on SOC Analysts.

By eliminating the challenges of alert overload, false positives, and manual analysis, Torq Socrates elevates the role of security professionals to strategic heights that boost employee satisfaction.

“SOC analyst burnout is a significant issue affecting security organizations everywhere,” said Jony Fischbein, CISO, Check Point Software. “Security leaders agree teams are often pushed to breaking points and exhaustion as they manually deal with the increasing volume and sophistication of cyber threats. Torq Socrates nicely addresses these challenges. It’s the AI solution SOC teams have been waiting for.”

Torq Socrates is now available on a limited availability basis to select enterprise organizations.