With the incidents of cyberattacks touching new highs every passing year, businesses are increasingly investing in digital policing mechanisms. As per a 2023 survey from analytics firm Devo, 80% of cybersecurity leaders expected expanded investments in security automation technology in 2024, with cyber-threat mitigation emerging as the top priority area. The market for security automation is also projected to be worth USD 26.6 billion by 2032.
One such upcoming yet vital player in this industry is Torq, which applies AI to abstract away repetitive, onerous security-related tasks. In today’s episode of the “Start-up of the Week,” International Finance will talk about the venture, which has built its expertise in delivering the security industry’s first enterprise-grade Hyperautomation platform capable of automating the most complex security infrastructures at a dramatic scale.
“Torq is leading the way in Hyperautomation–the ability to rapidly identify, vet, integrate, and automate as many business and IT processes as possible. We’re addressing a critical need in the modern cybersecurity portfolio. Torq emancipates security teams from manually managing threat detection and remediation at scale and ensuring all of their systems are talking to each other, and working together in concert,” the venture explained itself in the following words.
Knowing The Vision
Established in 2020, the venture’s global cross-functional teams, based in the United States and Israel headquarters, collaborate and strategize daily to ensure an optimal customer and product experience. The founder trio of Ofer Smadari, Leonid Belkind and Eldad Livni, along with the start-up’s leadership team, are known cybersecurity veterans who pioneered the Torq Hyperautomation platform after running global-scale networks and cloud-native security services.
They engineered the Torq platform based on industry-leading security best practices and standards. These engineering processes and deliverables are subject to continuous audits from key authorities in the fields of Penetration Testing, Security Architecture, and Operational Compliance.
Torq’s CEO, Ofer Smadari, recently informed TechCrunch that the company’s annual recurring revenue (ARR) has surpassed USD 24 million. He stated, “We have tripled revenue over the past two years and are projecting USD 100 million ARR by fiscal year 2026. We currently have over 150 direct enterprise customers and dozens of partners providing services to nearly 900 enterprises worldwide through our platform.”
Torq closed a USD 70 million Series C funding round in September 2024. Led by Evolution Equity Partners, the round brings Torq’s total raised to USD 192 million. In Q2 2024, venture capital funnelled USD 4.4 billion into cybersecurity firms, according to Crunchbase, marking the strongest funding quarter for the sector since 2022. So Torq benefitted from that trend as well. The overall sector’s funding in Q2 was up 144% and 63% from Q1, while dealmaking across the two quarters nearly doubled versus the first half of 2023.
Smadari previously founded Luminate, a zero-trust platform that American consumer software company Symantec acquired in 2019. Belkind and Livni were at Check Point, where they designed network cybersecurity tools, before joining Torq.
Torq’s platform today lets IT teams across the world create automated security workflows that integrate with their company’s existing infrastructure. Torq offers a service that employs AI, specifically large language models along the lines of OpenAI’s ChatGPT, to answer questions about SOC playbooks, a step-by-step guide designed to help security analysts navigate and manage security incidents effectively.
“By connecting to the security infrastructure stack, Torq empowers organisations to remediate security events and orchestrate security processes at scale. We aim to augment human security analysts with AI-driven capabilities, allowing them to focus on higher tiers of investigation while leaving more repetitive triage, investigation, and response activities to AI,” Smadari noted.
Here Are The Flagship Products
Torq describes its “Hyperautomation” platform as the “World’s First Security Hyperautomation Platform,” which helps enterprise security teams automate every process at scale, with ease and efficiency. The tool can be easily integrated (in a record time by partnering with Torq’s experienced customer success team) across a business’ digital ecosystem, including cloud, on-premise, and hybrid environments.
The client businesses can remain connected with the “Hyperautomation” platform even if their third-party API or data format changes. The solution provides real-time API monitoring and updates for uninterrupted automation.
Through “Hyperautomation,” businesses can also build automations using AI prompts, no-code, low-code and full-code support. The tool comes with an easy drag-and-drop workflow designer, which helps its users to leverage expert-curated templates for the most common security use cases.
The enterprise-grade security architecture comes with benefits like secure and extensible cloud-native, multi-tenant, and zero-trust architecture, which “eliminates scaling and performance ceilings with horizontal elastic scaling and guaranteed SLAs (Service Level Agreements),” while remaining compliant with immutable activity, audit logs, granular scope, and RBAC (Role-Based Access Control).
Next is “Torq HyperSOC,” which transforms any business’ SOC (Security Operations Centre)-related functions with AI-powered Hyperautomation. The solution analyses, correlates, and organises unprocessed events from any security solution or third-party threat intelligence, apart from creating contextually enriched cases and intelligently ordering them according to severity, priority, and subject matter expertise. In that way, the tool focuses only on the highest-risk security events, enhancing the overall SOC efficiency.
The tool hyperautomates case management functions of a business’ cybersecurity set-up by embedding automation across the entire case management lifecycle combining AI-driven insights and Hyperautomation. It also dynamically calibrates security responses across multiple security solutions as any breach-like incident unfolds. “Torq HyperSOC” also auto-remediates 95% of tier-one cases by leveraging AI to execute SOC-defined automation runbooks at machine speed.
The response rate here gets faster as “Torq HyperSOC” leverages AI to automatically triage and investigate cases, saving human expertise for critical tasks. It also optimises case investigations and alert enrichment through AI-driven natural language processing. The tool elevates SOC analysts’ capabilities by using AI to trigger complex remediation and make better-informed decisions.
The brain which drives “Torq HyperSOC” is “Torq Socrates.” The latter accelerates analyst response times by summarising case data, status, or historical findings. The human analysts can chat with Socrates to enrich cases with additional triage and investigation, as the tool delivers immediate insights and simplifies complex cases by converting natural language queries into actionable data, along with automating the entire case management lifecycle from investigation to response.
Socrates analyses SOC-defined remediation runbooks and follows explicit threat remediation instructions. For critical cases requiring human decisions, it intelligently assigns cases to the appropriate analyst. Apart from enhancing the capabilities of all analysts, enabling even tier-one team members to achieve machine-speed response, the solution further augments analyst expertise while supporting ongoing learning and skills development.
Torq has also developed an application called “Case Management,” a purpose-built comprehensive case management that reduces the SOC analysts’ workload through automation, and enhances response times with AI-driven case enrichment.
“Torq’s case management system intelligently prioritises alerts by severity and impact, allowing security analysts to focus on the most critical issues without being overwhelmed by infrastructure and security tools noise,” the start-up commented.
“Case Management” helps security analysts make informed decisions and distinguish between harmless activities and real security threats by connecting data from various security tools and third-party threat intelligence to each alert. It can analyse massive volumes of alerts in real-time, identifying patterns, suppressing low-fidelity alerts, and automating low and medium-priority alert validation and investigation using pre-defined SOC runbooks or organisation-defined workflows.
Viable Name For MSSP And MDR-Related Activities
Torq is bringing speed and efficiency to the cybersecurity domain, especially when it comes to being an MSSP (Managed Security Service Provider). As a third party, an MSSP can alleviate the strain on IT teams, apart from freeing up crucial time the organisation needs to support and expand operations. Along with MSSP, Torq is providing MDR (Managed Detection and Response) services as well, helping organisations protect their data and assets from cyberthreats.
Around 95% of Tier-One cases are getting automatically investigated and enriched, while the onboarding of customers and provisioning of new environments have become 18 times faster. The creation and deployment of complex cybersecurity workflows have also become 10 times faster for the companies. These three stats are putting Torq head and shoulder above its rivals, especially the legacy cybersecurity players.
The most innovative MSSPs and MDRs, that come along with Torq’s “Hyperautomation” platform, are replacing the legacy security orchestration, automation, and response mechanisms.
“SOAR was never built for hybrid cloud adoption or multi-tenancy at enterprise scale. As MSSPs and MDRs look to legacy automation solutions to help onboard new customers and provide faster time-to-value, they are quickly running into the same challenges that the enterprise SOC faces; limited integrations, alert fatigue, and analyst burnout. The challenge is, SOAR is dead and it’s killing managed services,” Torq noted.
The Road Ahead
Much of the new cash from Torq’s Series C funding will be put toward product R&D and customer acquisition. In the coming days, the nearly 200-staffer, NYC-based start-up will beef up its go-to-market teams with a focus on the United States, Europe, and Asia.
Apart from closing the funding round, Torq announced a new partnership with RSM US, a global leader in the professional services industry. RSM US has integrated Torq HyperSOC into its “RSM Defence managed SOC” and this will enhance the firm’s ability to provide comprehensive detection and response services, threat intelligence, threat hunting, vulnerability management, and critical incident response to its global clients.