To Reinvent SOAR, Automation Is only a Feature

Sponsored Post

To Reinvent SOAR, Automation Is only a Feature

Dec 7, 2021
3 minutes

Security, by its very nature, is one of the most innovative fields on the planet. Every technological advancement carries with it a handful or more of new attack vectors, which in turn lead to a dizzying amount of security innovation as our industry works to mitigate risk and defend against threats. But for all this innovation, there are a few ways in which security lags far behind.

In the past decade, the firewall was replaced three times over. Basic heuristics have been replaced by ML models, and now AI algorithms that detect threats faster than ever before. Cloud security has reinvented itself by finding easier ways to deliver stronger protection — even across newer, more virtualized stacks.

But for all this innovation in “protection”, there’s still something missing: how all these innovations work together, and how security teams can get the most out of the tools they’re using. Mastering a dozen security tools is challenging, and constantly switching between them every day is exhausting. SOAR platforms have helped in small ways, but the complexity and technical effort required has kept their impact limited.

Enter: Torq

It’s against this background that built Torq as a ground-up reinvention of what automation for security can, and should, be — automation that transforms how security teams work, by making it easier for them to deliver better protection, faster.

This reinvention requires a guiding philosophy — because without that focus, automation is little more than a feature.

At Torq, our guiding philosophy breaks down into three principles or promises to our customers that guide our decisions. By focusing on these principles, we’re able to deliver a tool that not only improves efficiency, but a solution that transforms our customers’ security for the better. 

This is Security Automation for Anyone

We proudly advertise Torq as no-code security automation. And yes, “no-code” may be as meaningless as “serverless” to some tech insiders, but what “no-code” represents is something transformative. At the end of the day, security is a practice of balancing resources and risk. Security is not about writing JSON payloads or python scripts and it’s definitely not about parsing through log files or transforming data to migrate from one system to another.

We take pride in being no-code because it means that security teams can focus on what they do best — delivering the best security possible. Torq provides an easy (we like to call it “uncomplicated”) experience for building security automation workflows that require zero technical know-how, custom code, or professional services. 

Torq spans the security ecosystem (and the rest of the enterprise as well) so that security professionals can rely on Torq to automate their daily work — no matter how large or small the process, and no matter the number of tools. This brings us to the second principle…

Connect to Anything, Anywhere

Not a day goes by without someone asking, “How many integrations do you have?” The funny thing is, it doesn’t matter what we answer — 100, 500, 5000. Regardless, the next question is always, “What if I need to connect to something you don’t integrate with?”

There’s a reason that’s always the next question — automation is useless if it operates in a silo. For customers to adopt any automation solution, it needs to connect to the tools they use today, and it needs to do so without causing friction. That’s table stakes. That’s why it’s disappointing that security has typically focused on giving customers integrations in the form of packages to install or apps to configure because this approach ignores that second question.

At Torq, we answered that second question first. The Torq platform comes with easy-to-use tools to connect to any system in any environment. API, CLI — doesn’t matter. Public Cloud, Hybrid, on-prem — we check those boxes too. Any user can connect to any system in minutes, not months.

Building on top of that, we then use those very same tools to build connectivity into Torq’s core platform, resulting in out of the box connections and step templates that connect to hundreds of security, IT, and enterprise tools, and workflow templates that turn these into opinionated automation to address dozens of different security challenges.

We’re proud of our out-of-the-box connections and templates, but we’re even prouder that you don’t need them.

We Make Security Stronger 

Automation isn’t a new concept, and the benefits automation brings aren’t a mystery. Automation helps teams do more with limited resources, spend more time on more valuable work, increase productivity, and leads to less burnout and better team retention. But that’s not enough. Torq is security automation. Adding that word in front of automation changes what our customers expect and what we’re committed to delivering.

When it comes down to it, automation is a feature. Torq is a platform built around world-class automation, best practices templates, connectivity, and data tools. Together, these features let our customers get more out of their security investments. Connect Torq to a Cloud Security Posture Management platform, and we’ll suggest workflow templates that automate simple fixes, route alerts across multiple teams, and orchestrate human-in the loop remediation — keeping your infrastructure better protected. The same is true of any other system, from IAM providers to Anti-phishing. Torq’s content-rich workflow library and intelligent recommendations help customers deliver new levels of protection, making their customers, data, and employees safer every single day.

What’s next?

We’ve been humbled by the response Torq has received in the past few months. Our teams (We’re hiring!) are hard at work continuing to add functionality and improve user experience — without making any compromises to our core principles above. Over the next year, you’ll see continued investments in our workflow library and recommendation engine, as well as improved scaling and multi-team sharing for our growing roster of enterprise customers. I can’t wait to share these improvements with you all!