These abilities compare to other tools I looked at as being quite standard. It is not something exceptional, as I mentioned. The overall performance depends significantly on how one builds the workflow since it is a SOAR platform. The customer bears the majority of the workload in developing workflows and playbooks to customize according to their needs. In a typical SOC scenario, we would want confirmation that an alert is a definite true positive before taking specific actions based on approvals. Torq provides end-to-end features allowing us to determine if it is a true positive. Additionally, there are communication connectors to notify our clients, "Hey, this looks fishy. We want to block this user." We can send a link within that communication, and once they click, we receive a response back confirming it is approved. There is also an escalation procedure built within the platform to assign cases to different tier analysts, and based on that, they can take response actions. Overall, I believe it is a convenient setup, yet ultimately, it is up to the customers to build it as they see fit. I would rate Torq overall at around an eight, based on all aspects I have worked with.
The maintenance side is very good because we are using the product to reduce activities. For instance, sometimes there is an alert or phishing email, and we want to address it immediately. For that purpose, Torq is very helpful and is doing its job greatly. There is no maintenance required on our end. I would rate this product at nine out of ten.
I would definitely recommend Torq. I have no doubt, really. When we looked for another vendor, Torq really answered all our questions. It really helps us to receive the best solution for our SOAR. We already connected Torq with our EDR, SIM logs, and DLP systems. When we connected it, the whole idea of Torq was collecting all the data to a specific place. We created alerts in the SIM and then automatically sent them to Torq. We do not handle the alerts in the SIM, only on Torq. When we collected the data from all the vendors, it is really easy when everything is in one place. We have everything in Torq, and then we do not need to connect to each system to review all the data. I believe we looked for a maturity that they did not have at first, but right now I can see and tell that they have this maturity, and we are going to use the Agentic AI. It used to be like a six, and right now it seems like an eight, maybe nine even when we review it. I would rate this review an eight overall.
Information Technology Specialist at a media company with 201-500 employees
Real User
Top 10
Feb 1, 2026
I would rate Torq an eight overall. I feel that Torq is as good as the effort you put into it. The limitations are very small compared to other vendors I work with. The only thing that would change that score at this point is if they get set back by AI or not. If they put a lot of effort into AI and we personally do not see the value, then the score goes down to a seven because we eventually run out of things to automate. I can sit and work on a workflow for two hours and get two minutes of ROI on it. I can build everything, and it is just eventually I am wasting time. If they add more AI features and focus on it that we have use for, then I can go back and build better workflows, get more impact on the time I put into it, and then it stays an eight. If not, it might go down a little over time.
CyberSecurity Engineer at a real estate/law firm with 10,001+ employees
Real User
Top 10
Jan 14, 2026
Torq's maintenance requirements depend on how you define maintenance. While Torq handles the platform's overall reliability, I have to perform maintenance on the workflows I build when bugs arise. I have no partnerships, but once, they sent me a really cool hoodie. I would rate this review a nine out of ten overall.
Senior Consultant at a university with 10,001+ employees
MSP
Top 20
Oct 22, 2025
One of our members uses AWS, and we receive their feed. This involves triaging AWS-related logs. While I do not have direct work experience with it, I am familiar with AWS-related services and data-related logs, especially with cloud red logs. I have conducted this evaluation for four months. Beyond that, I have experience with SIEM and vulnerability management. I have worked on integrations between our case management system and the incident management system in ServiceNow, which we moved to Torq. I found it particularly intuitive to use, as my previous experience with no-code tools helped me adjust to this software more quickly than my peers. The solution could improve its notification capabilities on the member side, particularly in notifying multiple people. Since working with the demo version of the product, most scenarios and testing data provided the required use cases and results we were seeking with Torq. I rate Torq an 8 out of 10.
Torq is the enterprise AI SOC solution that effectively combines adaptive insights and automation to handle critical threats efficiently. It manages threat lifecycles, swiftly moving from triage to response, ensuring effective risk management.Torq is designed to streamline security operations by aggregating telemetry across your security stack. It investigates significant risks and manages threats from triage to containment and remediation. This AI-driven tool enhances the capabilities of...
I have been working for five years with experience in the IT field. Torq is very good. It manages everything. I would rate this product 10 out of 10.
These abilities compare to other tools I looked at as being quite standard. It is not something exceptional, as I mentioned. The overall performance depends significantly on how one builds the workflow since it is a SOAR platform. The customer bears the majority of the workload in developing workflows and playbooks to customize according to their needs. In a typical SOC scenario, we would want confirmation that an alert is a definite true positive before taking specific actions based on approvals. Torq provides end-to-end features allowing us to determine if it is a true positive. Additionally, there are communication connectors to notify our clients, "Hey, this looks fishy. We want to block this user." We can send a link within that communication, and once they click, we receive a response back confirming it is approved. There is also an escalation procedure built within the platform to assign cases to different tier analysts, and based on that, they can take response actions. Overall, I believe it is a convenient setup, yet ultimately, it is up to the customers to build it as they see fit. I would rate Torq overall at around an eight, based on all aspects I have worked with.
The maintenance side is very good because we are using the product to reduce activities. For instance, sometimes there is an alert or phishing email, and we want to address it immediately. For that purpose, Torq is very helpful and is doing its job greatly. There is no maintenance required on our end. I would rate this product at nine out of ten.
I would definitely recommend Torq. I have no doubt, really. When we looked for another vendor, Torq really answered all our questions. It really helps us to receive the best solution for our SOAR. We already connected Torq with our EDR, SIM logs, and DLP systems. When we connected it, the whole idea of Torq was collecting all the data to a specific place. We created alerts in the SIM and then automatically sent them to Torq. We do not handle the alerts in the SIM, only on Torq. When we collected the data from all the vendors, it is really easy when everything is in one place. We have everything in Torq, and then we do not need to connect to each system to review all the data. I believe we looked for a maturity that they did not have at first, but right now I can see and tell that they have this maturity, and we are going to use the Agentic AI. It used to be like a six, and right now it seems like an eight, maybe nine even when we review it. I would rate this review an eight overall.
I would rate Torq an eight overall. I feel that Torq is as good as the effort you put into it. The limitations are very small compared to other vendors I work with. The only thing that would change that score at this point is if they get set back by AI or not. If they put a lot of effort into AI and we personally do not see the value, then the score goes down to a seven because we eventually run out of things to automate. I can sit and work on a workflow for two hours and get two minutes of ROI on it. I can build everything, and it is just eventually I am wasting time. If they add more AI features and focus on it that we have use for, then I can go back and build better workflows, get more impact on the time I put into it, and then it stays an eight. If not, it might go down a little over time.
Torq's maintenance requirements depend on how you define maintenance. While Torq handles the platform's overall reliability, I have to perform maintenance on the workflows I build when bugs arise. I have no partnerships, but once, they sent me a really cool hoodie. I would rate this review a nine out of ten overall.
One of our members uses AWS, and we receive their feed. This involves triaging AWS-related logs. While I do not have direct work experience with it, I am familiar with AWS-related services and data-related logs, especially with cloud red logs. I have conducted this evaluation for four months. Beyond that, I have experience with SIEM and vulnerability management. I have worked on integrations between our case management system and the incident management system in ServiceNow, which we moved to Torq. I found it particularly intuitive to use, as my previous experience with no-code tools helped me adjust to this software more quickly than my peers. The solution could improve its notification capabilities on the member side, particularly in notifying multiple people. Since working with the demo version of the product, most scenarios and testing data provided the required use cases and results we were seeking with Torq. I rate Torq an 8 out of 10.