Torq Adds Bevy of AI Agents to Automate Cybersecurity Workflows
Torq has extended the reach of the generative artificial intelligence (AI) capabilities spanning its security operations center (SOC) platform to now include multiple agents.
Company CTO Leonid Belkind said these additions extend the reach of Torq Socrates, an agent for augmenting security analysts that Torq added last year. The additional AI agents will now make it simpler to automate a much wider range of workflows based on the initial analysis of a security incident, he added. For example, The Torq Socrates AI agent will be able to invoke another AI to remediate a misconfiguration.
In addition, Torq is providing cybersecurity teams with access to a Builder Agent, which provides a natural language interface that cybersecurity teams can use to build custom workflows spanning multiple AI agents. There is a Scripting Agent that provides suggestions for creating scripts that integrate multiple AI agents.
Collectively, Torq claims AI agents will drive a 70% decrease in manual security case investigations, a 70% increase in analyst resource utilization, and an 80% decrease in workflow errors. As a result, the overall level of burnout and turnover that cybersecurity teams currently experience will be dramatically reduced, said Belkind.
Cybersecurity teams, however, may still need to resolve debates that will emerge as various AI agents offer their opinions on how best to resolve a specific issue, he noted.
In many ways, AI agents will fulfill an automation promise that was never achieved using security orchestration, automation and response (SOAR) tools that proved too complex for most cybersecurity teams to effectively master. The level of programming expertise now required to automate security workflows is comparatively minimal, said Belkind.
The AI agents provided by Torq are invoking multiple large language models (LLMs). As LLMs increase the reasoning capabilities, the more tasks AI agents will soon be able to complete without human intervention. In the meantime, AI agents are capable of performing tasks that previously would have been assigned to a junior member of a cybersecurity team.
It’s not clear what impact AI agents will have on cybersecurity staffing but the bar will be raised as many routine tasks are automated. Each cybersecurity team will then need to determine how best to train the next generation of analysts when many tasks that were previously assigned to entry-level personnel are now being performed by an AI agent.
Of course, few cybersecurity professionals of any experience level especially enjoyed performing many of those manual tasks so overall job satisfaction should improve. Despite some initial skepticism of AI, a day when cybersecurity teams are now going to want to work for organizations that don’t provide them with these types of capabilities is rapidly approaching. The level of manual toil otherwise required to combat threats that are increasing in both volume and sophistication will otherwise be too great.
The challenge now, of course, is determining to what degree cybersecurity teams can reliably count on AI agents to help even a playing field that today decidedly favors the attacker a lot more than it does them.
