No-code automation platform startup Torq Ltd. today announced the launch of Torq Socrates, a Tier-1 analysis artificial intelligence agent designed to transform security operations. 

Torq Socrates uses AI to hyper automate key security operations activities, such as alert triage, contextual data enrichment and incident investigation, escalation and response. The service combines intelligence signals from across an organization’s security ecosystems to drive autonomous remediation and learns and evolves as it accumulates and analyzes security events.

The new service is claimed to introduce “dramatic” new efficiencies and incident response accuracy that alleviates security analysts’ most critical challenges, including alert fatigue, false positives, decreased visibility and job burnout. 

Under the hood, Torq Socrates uses a Reason + Act Large Language Models approach, which combines AI-based reasoning with actionable methodologies that are continuously updated. The service differs from traditional AI systems in that it’s designed to analyze and understand an organization’s unique security operations center playbooks, making it an integral extension of existing SOC teams. The AI Agent functions within the framework of existing processes and learns and evolves as it accumulates and analyzes security events to drive new efficiencies and improve incident response accuracy.

Torq argues that its ability to seamlessly integrate with existing security tools sets Torq Socrates apart from other security platforms. By leveraging Torq workflows, Socrates consolidates data from different sources to provide comprehensive event analysis and execute rich threat containment and remediation strategies. The service also intelligently prioritizes potential threats, allowing analysts to focus on the most critical security incidents.

To tackle any concerns about safe AI adoption, Torq Socrates ensures that sensitive decisions remain entirely under human control. Torq’s human-in-the-loop automation leaves critical actions like quarantining an executive’s laptop or blocking network segments subject to human approval. Doing so ensures responsible AI implementation and provides organizations with in-depth audits of every action taken for flexibility and transparency.

“Based on its capabilities, I anticipate 90% of Tier-1 and Tier-2 tickets will be resolved autonomously going forward,” co-founder and Chief Executive Ofer Smadari said ahead of the product’s release. “This represents a complete shift in how the industry thinks about SecOps. It goes far past the typical AI augmentation approach by enabling SecOps to replace significant parts of its Tier-1 and Tier-2 response approach with AI, enabling security professionals to focus on big-picture strategic impacts and outcomes.”

Torq was last in the news in December when it launched Torq Insights, a new overlay for managing security stacks. Insights is a comprehensive reporting and analytics overlay that provides the operational data needed to manage, monitor and evolve the security automation stack.

Photo: Torq