I used Torq for conducting one of the proof of evaluations for a vendor we are connected with. I am currently working with Omnisoc, which provides SOC services for twenty-three other higher education institutions in the US. As part of vendor evaluations, we used Torq to differentiate between the manual workflow we had and the security automation provided with the Torq AI automation capability. We have used it to differentiate between our manual workflow and the capability it brought us in creating playbooks for many of the detections we have had. In that scenario, although we are an education organization which deals with education-related logs, we should not have much exposure to the data held at different members. From our research and testing with the tool, we realized there have to be modifications and changes to train the LLM on the back end. It was able to capture data but was unable to differentiate between the agent hostname we are using and the hostname that resides on the back end of the Internet. It was unable to do that sort of classification. We concluded this tool would be more suitable for initial ticket management rather than security automation. With the use of AI prompts, we were able to start with preparation of the tool through the last chain of niche, which is the remediation part. With the help of prompts, we were able to perform everything present on instant response plan.
Torq is the enterprise AI SOC solution that effectively combines adaptive insights and automation to handle critical threats efficiently. It manages threat lifecycles, swiftly moving from triage to response, ensuring effective risk management.Torq is designed to streamline security operations by aggregating telemetry across your security stack. It investigates significant risks and manages threats from triage to containment and remediation. This AI-driven tool enhances the capabilities of...
I used Torq for conducting one of the proof of evaluations for a vendor we are connected with. I am currently working with Omnisoc, which provides SOC services for twenty-three other higher education institutions in the US. As part of vendor evaluations, we used Torq to differentiate between the manual workflow we had and the security automation provided with the Torq AI automation capability. We have used it to differentiate between our manual workflow and the capability it brought us in creating playbooks for many of the detections we have had. In that scenario, although we are an education organization which deals with education-related logs, we should not have much exposure to the data held at different members. From our research and testing with the tool, we realized there have to be modifications and changes to train the LLM on the back end. It was able to capture data but was unable to differentiate between the agent hostname we are using and the hostname that resides on the back end of the Internet. It was unable to do that sort of classification. We concluded this tool would be more suitable for initial ticket management rather than security automation. With the use of AI prompts, we were able to start with preparation of the tool through the last chain of niche, which is the remediation part. With the help of prompts, we were able to perform everything present on instant response plan.