Generative AI, Channel partners, Content, Security Program Controls/Technologies

Torq Adds AI Agent to Security Hyperautomation Platform

Torq has incorporated the Socrates cybersecurity Tier-1 analysis AI agent into its security hyperautomation platform, enabling organizations to automatically contextualize security alerts and triage, investigate and respond to security incidents, the company said.

Socrates is now available on a limited basis to select enterprise organizations.

Torq will showcase Socrates at the Black Hat USA conference, taking place August 5-10, in Las Vegas, Nevada.

Torq Socrates Delivers "Safe AI"

Socrates is based on large language models (LLMs) that analyze and understand organizations' security operations center (SOC) playbooks, Torq stated. It aligns with the ReAct (Reason + Act) LLM approach, which emphasizes the use of AI-based reasoning with a continuously updated and actionable methodology.

Socrates is based on Torq workflows and operates within organization-defined parameters, the company noted. Human approval is required to perform potentially disruptive actions such as quarantining a laptop or blocking network segments. As such, Socrates is "an example of safe AI," Torq indicated.

How Torq Socrates Works

Socrates combines intelligence signals from organizations' security ecosystems to drive autonomous remediation, Torq said. The agent learns and evolves as it gathers and analyzes security events and alerts.

In addition, Socrates incorporates and enriches threat intelligence from multiple threat intelligence sources, Torq stated. It automatically enhances existing security events and alerts, auto-sifts through them and prioritizes and categorizes potential threats.

What Torq Socrates Means for MSSPs

MSSPs can use Socrates to close 90% of Tier-1 tickets autonomously, Torq noted. Socrates works in conjunction with MSSPs' existing security tools. It consolidates data from various sources to help users analyze security events and alerts and execute threat containment and remediation strategies.

Torq CMO Don Jeter explained how Socrates empowers MSSPs across all levels of their security operations sales and support:

"With this new solution, MSSPs can harness an AI-driven approach that mitigates critical issues. A few of those include alert fatigue, false positives, decreased visibility and job burnout... Torq Socrates offers MSSPs and their customer ecosystems a positive way forward that enhances SecOps from end to end."

A Closer Look at Torq

Torq offers a security hyperautomation platform that provides no-code, low-code and full-code security automation capabilities. This platform works 10x faster than legacy security orchestration, automation and response (SOAR) solutions, the company said.

MSSPs, MSPs and other technology providers can join Torq's channel partner program to incorporate the company's platform into their portfolios. Torq also has launched technology integrations with SentinelOne and other cybersecurity companies.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.