Torq has incorporated the Socrates cybersecurity Tier-1 analysis AI agent into its security hyperautomation platform, enabling organizations to automatically contextualize security alerts and triage, investigate and respond to security incidents, the company said.
Socrates is now available on a limited basis to select enterprise organizations.
Torq will showcase Socrates at the Black Hat USA conference, taking place August 5-10, in Las Vegas, Nevada.
Torq Socrates Delivers "Safe AI"
Socrates is based on large language models (LLMs) that analyze and understand organizations' security operations center (SOC) playbooks, Torq stated. It aligns with the ReAct (Reason + Act) LLM approach, which emphasizes the use of AI-based reasoning with a continuously updated and actionable methodology.
Socrates is based on Torq workflows and operates within organization-defined parameters, the company noted. Human approval is required to perform potentially disruptive actions such as quarantining a laptop or blocking network segments. As such, Socrates is "an example of safe AI," Torq indicated.
How Torq Socrates Works
Socrates combines intelligence signals from organizations' security ecosystems to drive autonomous remediation, Torq said. The agent learns and evolves as it gathers and analyzes security events and alerts.
In addition, Socrates incorporates and enriches threat intelligence from multiple threat intelligence sources, Torq stated. It automatically enhances existing security events and alerts, auto-sifts through them and prioritizes and categorizes potential threats.
What Torq Socrates Means for MSSPs
MSSPs can use Socrates to close 90% of Tier-1 tickets autonomously, Torq noted. Socrates works in conjunction with MSSPs' existing security tools. It consolidates data from various sources to help users analyze security events and alerts and execute threat containment and remediation strategies.
Torq CMO Don Jeter explained how Socrates empowers MSSPs across all levels of their security operations sales and support:
"With this new solution, MSSPs can harness an AI-driven approach that mitigates critical issues. A few of those include alert fatigue, false positives, decreased visibility and job burnout... Torq Socrates offers MSSPs and their customer ecosystems a positive way forward that enhances SecOps from end to end."
A Closer Look at Torq
Torq offers a security hyperautomation platform that provides no-code, low-code and full-code security automation capabilities. This platform works 10x faster than legacy security orchestration, automation and response (SOAR) solutions, the company said.
MSSPs, MSPs and other technology providers can join Torq's channel partner program to incorporate the company's platform into their portfolios. Torq also has launched technology integrations with SentinelOne and other cybersecurity companies.
