Torq, a leading provider of security hyper-automation solutions, has introduced its latest innovation, Torq Socrates, an AI agent specifically designed to address security operations challenges. Leveraging large language models (LLMs), Socrates aims to combat alert fatigue, false positives, and job burnout for security analysts.
Socrates empowers cybersecurity teams by automating crucial security tasks, including contextual alert triaging, incident investigation, and response capabilities. The AI agent intelligently harnesses data from diverse security ecosystems to autonomously drive remediation actions.
A key advantage of Socrates is its continuous learning and evolution as it accumulates and analyzes security events. It functions as an extension for Security Operations Center (SOC) teams, helping them prioritize and categorize potential threats so that SOC analysts can focus on handling critical security incidents.
Leonid Belkind, co-founder and CTO of Torq, highlighted that Socrates is the industry’s first AI agent capable of handling complex multi-phase security tasks using natural language and enterprise-grade security hyper-automation.
The versatility of Socrates is evident in its ability to integrate seamlessly with any infrastructure, security, communication, or other tools within an organization’s IT stack.
Ofer Smadari, CEO and co-founder of Torq, expressed his anticipation that Socrates would resolve 90% of Tier-1 and Tier-2 tickets autonomously, leading to a paradigm shift in the way the industry approaches SecOps. The AI agent allows security professionals to concentrate on strategic impacts and outcomes by replacing significant portions of the Tier-1 and Tier-2 response approach with AI.
At the heart of Socrates lies the ReAct (Reason + Act) LLM approach, combining AI-based reasoning with actionable methodologies derived from organizations’ unique SOC playbooks. Torq’s human-in-the-loop automation ensures that sensitive decisions and actions remain under the control of human operators, promoting responsible AI adoption.
The integration of LLMs empowers the model to semantically interpret guidelines into actionable insights and to analyze the outcomes of executed actions against those guidelines, guiding the logical flow of follow-ups.
Streamlining Tier-1 security issues for SOC teams, Socrates addresses the repetitive nature of tasks performed by security analysts. It automates predefined operational practices, allowing analysts to focus on more creative and strategic aspects beyond the triage stage.
Belkind emphasized that the responsible AI architecture of Torq Socrates ensures optimal infrastructure utilization, with each tool accessible to the agent functioning as a Torq workflow. This scalable cloud-native orchestrator can handle security processes, executing tasks with various isolation levels within organizational networks or the cloud.
To ensure responsible AI development, the agent is restricted to triggering only Torq workflows, which ensures that privacy controls are respected and maintains an immutable audit trail for every action.
Torq is collaborating with enterprise and MSSP organizations, allowing Torq Socrates to be exposed to real-life events in their environments and to follow operational guidelines from SOC/SecOps teams.
For now, Torq Socrates is in limited availability for select enterprise organizations, poised to revolutionize the field of security operations with its cutting-edge AI capabilities.