Torq Debuts SecOps AI Agent for Automating and Easing Security Threat Remediation

Torq, the hyperautomation cybersecurity provider, is debuting Torq Socrates, a Tier-1 analysis AI agent designed to hyperautomate security processes for enterprises bogged down by overwhelming security workloads and a small talent pool.

Cybersecurity is innately intertwined with any modern enterprise; yet as data environments grow increasingly more complex, so too does the security of those landscapes.

“[We’ve come to the] realization that the security operations problem is only solvable by automation,” explained Leonid Belkind, co-founder and CTO at Torq. “This is why the company was established, because we believe the problem [of securing complex data environments] is grave and even growing...this problem domain that we're dealing with is uniquely and very specially suitable for a solution by AI, which is quite a rare set of circumstances.”

Torq Socrates’ hyperautomations—which range from alert triage to contextual data enrichment, incident investigation, escalation, and response—seek to remedy this vexing issue for enterprises both small and large alike. By empowering intelligent, autonomous remediation of security issues across an enterprise’s security ecosystems, Torq Socrates enables companies to achieve greater security with less burden, according to the company.

“Every organization has not enough security analysts, security architects, security engineers, security everything,” said Belkin. “Suddenly, [with Torq Socrates,] these people and their time will be freed to be more vigilant and more proactive.” 

Based on large language models (LLMs) that understand and comprehend an enterprise’s unique SOC strategy, Torq Socrates leverages AI-based reasoning and continuously updated, actionable methodology to ease the load of security activities.

Torq Socrates offers two main modes of interaction for SOC analysts, including:

  • A chat-based approach, where a human security analyst interacts with Socrates to uncover details of present security operations and threats
  • An operational procedure approach, where an analyst does not have to be present for Socrates to determine whether an event needs human attention or not in order to remediate

To ensure full control and ethical AI adoption, security analysts remain in charge of Socrates’ processes and outcomes, leaving sensitive decisions to the whims of its human operators. Additionally, Socrates documents and retains responses and success criteria to inform future actions.

Torq further emphasizes Socrates’ establishment as safe AI, stating that the agent operates only within organization-defined parameters. Not only does the solution require human approval for potential disruptive actions, it provides robust observability and in-depth audits of every action taken.

Regarding hallucinations, Socrates mitigates its presence through a laser-focused security viewpoint. Meaning, Socrates leverages a myriad of guardrails and extremely specific prompt engineering to reduce the chance of hallucinations, thereby increasing the confidence that its human operator has in the technology, according to the company.

Atop its utility, Torq Socrates easily integrates with an organization’s existing security tools, consolidating the data of previously siloed tools. By incorporating threat intelligence from other security tools, Socrates enriches and enhances existing events and alerts which, in turn, supports the reasoning of the agent’s containment and remediation actions. This enrichment also manifests as auto-sifting through events, where the agent prioritizes and categorizes potential threats.

Torq Socrates is currently available in limited offerings to select enterprises.

To learn more about Torq Socrates, please visit