Torq markets itself as a security tool, and we do use them for security, but not in the traditional sense they market. Our security implementation uses them for internal tools that require multi-step processes of approvals, and it's easier to execute via workflow. Our biggest use case for Torq is onboarding and offboarding, which previously involved a very convoluted internal process. We made it automatic and secure by transforming these multi-step internal processes into rigid workflows, which provided security benefits. Torq provided an excellent introduction to no-code automation for me personally. Before signing with them, we evaluated Torq and other similar companies. Torq gave us the best of both worlds where it's easy to get into, but it also provides enough options. Some applications offer way more flexibility, while others are easier to use, but Torq struck a good balance for us with its visual branching tree workflow of no-code automation. This was a great way for me to enter the field, and even now, after building very long workflows, it remains easy to jump back into and understand what's happening, and I can edit it on the fly. Other than using API keys in workflows that sometimes need to be rotated, I cannot identify any needed updates. If you use an API key, it might expire, and then you need to enter the workflow or access the secrets in Torq to add a new one. For any team, whether security or IT, looking to automate and wanting to do it fairly easily without using scripts or hosting something, no-code automation in general is something I would advise. Torq would obviously be my first recommendation because I personally use them. If I am already speaking with somebody who implemented it, I would probably help them build it in a smarter way than we did because even in no-code automation, you can build things that eventually need to be refactored and rebuilt in a better way, which is harder to do than leaving them as is. I would probably help a different customer of Torq who is just starting out by giving them best practices, such as splitting up your workflows, using nested workflows, and trying to immediately incorporate AI. If you build a rigid workflow and then add AI, you will not be satisfied with the result. These are best practices for the application that I would mostly give. Our entire team personally works with Torq, which is four people. Our surrounding teams currently do not use Torq, but approximately six months ago, we created another workspace that we wanted to incorporate our development team into because we see the value in giving developers the option to build their own workflows for simple tasks. I started trying to help some of them adopt it and guide them through how to use Torq. For something as small as a developer who wants to get a daily alert about their tickets with a couple of parameters, it is just easier to do it via Torq than doing it via Jira.
My role is Cyber Security Engineer, and we use Torq for our case management platform, automating some of our phishing workflows to automate the containment of account takeover users, which are probably our biggest use cases. I have used Torq to automate triage, investigation, and remediation across multiple attack surfaces, including endpoint, identity, cloud, IT, and others.
I used Torq for conducting one of the proof of evaluations for a vendor we are connected with. I am currently working with Omnisoc, which provides SOC services for twenty-three other higher education institutions in the US. As part of vendor evaluations, we used Torq to differentiate between the manual workflow we had and the security automation provided with the Torq AI automation capability. We have used it to differentiate between our manual workflow and the capability it brought us in creating playbooks for many of the detections we have had. In that scenario, although we are an education organization which deals with education-related logs, we should not have much exposure to the data held at different members. From our research and testing with the tool, we realized there have to be modifications and changes to train the LLM on the back end. It was able to capture data but was unable to differentiate between the agent hostname we are using and the hostname that resides on the back end of the Internet. It was unable to do that sort of classification. We concluded this tool would be more suitable for initial ticket management rather than security automation. With the use of AI prompts, we were able to start with preparation of the tool through the last chain of niche, which is the remediation part. With the help of prompts, we were able to perform everything present on instant response plan.
Torq is the enterprise AI SOC solution that effectively combines adaptive insights and automation to handle critical threats efficiently. It manages threat lifecycles, swiftly moving from triage to response, ensuring effective risk management.Torq is designed to streamline security operations by aggregating telemetry across your security stack. It investigates significant risks and manages threats from triage to containment and remediation. This AI-driven tool enhances the capabilities of...
Torq markets itself as a security tool, and we do use them for security, but not in the traditional sense they market. Our security implementation uses them for internal tools that require multi-step processes of approvals, and it's easier to execute via workflow. Our biggest use case for Torq is onboarding and offboarding, which previously involved a very convoluted internal process. We made it automatic and secure by transforming these multi-step internal processes into rigid workflows, which provided security benefits. Torq provided an excellent introduction to no-code automation for me personally. Before signing with them, we evaluated Torq and other similar companies. Torq gave us the best of both worlds where it's easy to get into, but it also provides enough options. Some applications offer way more flexibility, while others are easier to use, but Torq struck a good balance for us with its visual branching tree workflow of no-code automation. This was a great way for me to enter the field, and even now, after building very long workflows, it remains easy to jump back into and understand what's happening, and I can edit it on the fly. Other than using API keys in workflows that sometimes need to be rotated, I cannot identify any needed updates. If you use an API key, it might expire, and then you need to enter the workflow or access the secrets in Torq to add a new one. For any team, whether security or IT, looking to automate and wanting to do it fairly easily without using scripts or hosting something, no-code automation in general is something I would advise. Torq would obviously be my first recommendation because I personally use them. If I am already speaking with somebody who implemented it, I would probably help them build it in a smarter way than we did because even in no-code automation, you can build things that eventually need to be refactored and rebuilt in a better way, which is harder to do than leaving them as is. I would probably help a different customer of Torq who is just starting out by giving them best practices, such as splitting up your workflows, using nested workflows, and trying to immediately incorporate AI. If you build a rigid workflow and then add AI, you will not be satisfied with the result. These are best practices for the application that I would mostly give. Our entire team personally works with Torq, which is four people. Our surrounding teams currently do not use Torq, but approximately six months ago, we created another workspace that we wanted to incorporate our development team into because we see the value in giving developers the option to build their own workflows for simple tasks. I started trying to help some of them adopt it and guide them through how to use Torq. For something as small as a developer who wants to get a daily alert about their tickets with a couple of parameters, it is just easier to do it via Torq than doing it via Jira.
My role is Cyber Security Engineer, and we use Torq for our case management platform, automating some of our phishing workflows to automate the containment of account takeover users, which are probably our biggest use cases. I have used Torq to automate triage, investigation, and remediation across multiple attack surfaces, including endpoint, identity, cloud, IT, and others.
I used Torq for conducting one of the proof of evaluations for a vendor we are connected with. I am currently working with Omnisoc, which provides SOC services for twenty-three other higher education institutions in the US. As part of vendor evaluations, we used Torq to differentiate between the manual workflow we had and the security automation provided with the Torq AI automation capability. We have used it to differentiate between our manual workflow and the capability it brought us in creating playbooks for many of the detections we have had. In that scenario, although we are an education organization which deals with education-related logs, we should not have much exposure to the data held at different members. From our research and testing with the tool, we realized there have to be modifications and changes to train the LLM on the back end. It was able to capture data but was unable to differentiate between the agent hostname we are using and the hostname that resides on the back end of the Internet. It was unable to do that sort of classification. We concluded this tool would be more suitable for initial ticket management rather than security automation. With the use of AI prompts, we were able to start with preparation of the tool through the last chain of niche, which is the remediation part. With the help of prompts, we were able to perform everything present on instant response plan.