No more typing reviews! Try our Samantha, our new voice AI agent.

Blink Ops vs ThreatQ comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Torq
Sponsored
Ranking in Security Orchestration Automation and Response (SOAR)
4th
Average Rating
8.8
Reviews Sentiment
6.5
Number of Reviews
14
Ranking in other categories
AI-SOC (1st), AI-Powered Security Automation (1st)
Blink Ops
Ranking in Security Orchestration Automation and Response (SOAR)
19th
Average Rating
7.6
Reviews Sentiment
4.4
Number of Reviews
2
Ranking in other categories
AI-SOC (9th), AI-Powered Security Automation (4th)
ThreatQ
Ranking in Security Orchestration Automation and Response (SOAR)
25th
Average Rating
7.0
Reviews Sentiment
6.6
Number of Reviews
2
Ranking in other categories
Threat Intelligence Platforms (TIP) (23rd)
 

Mindshare comparison

As of July 2026, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Torq is 3.8%, down from 5.7% compared to the previous year. The mindshare of Blink Ops is 1.4%, up from 1.3% compared to the previous year. The mindshare of ThreatQ is 1.4%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR) Mindshare Distribution
ProductMindshare (%)
Torq3.8%
Blink Ops1.4%
ThreatQ1.4%
Other93.4%
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

AD
Solutions Architect at ProArch
Automation has streamlined multi-tenant SOC workflows and improves alert handling efficiency
Although the reporting within Torq is not that great, we did ask for many features regarding reporting in Torq, but due to some platform constraints, they could not make the whole dataset available for us to be used in reporting. Except for that, we used some basic reporting. When I used Torq, it was indeed in the early stages of AI capabilities. Only a few customers were allowed to use it, and we were among them. It functioned well as long as we summarized the data properly. If you input garbage, you would get garbage out. Thus, we had to do significant fine-tuning regarding what data context we provided to the AI orchestrator to get meaningful results. In terms of Torq's unified platform approach to AI SOC automation and case management compared to managing multiple point solutions across my security stack, I find it case-centric. The unified view in case management is good since it provides clarity, although there are limitations regarding how many items in case management can be modified at once. Bulk operations are very limited, potentially due to their back-end database or data retrieval processes that can be improved. Regarding improvements for Torq, when we were onboarded, there were aspects we were uncertain about, such as the number of cases that could be generated, what data we could bring in, how many clients we could onboard, and similar concerns. Initially, we also lacked clarity about the number of playbooks or workflows we could build. Different triggers like system triggers, case-based triggers, and others can be employed without restrictions, but when it comes to on-demand and scheduled jobs, there is a limitation based on the subscription and pricing tier that notably caps the number of workflows we can create. No bulk editing across cases was one issue, along with limited filtering related to single grouping constraints. Additionally, the out-of-the-box case templates provided require substantial modifications before they become usable. There is also a feature in the cases for notes that cannot be searched. They are only visible through the UI, which is another area for improvement. The workflow and execution-based charges seem misleading as this was not discussed initially. I am not sure if new customers are made aware of this. It seems that workflows revolving around cases hinder functionality outside of case management, as we have many use cases needing on-demand triggers and schedules for functions like reporting or polling devices. Creating additional workflows to achieve basic functionalities raises costs significantly, which disadvantages customers. While they facilitate optimization and scaling, the support received tends to be very basic. Improvements can be made in that area as well.
AH
CEO at cybovate
Workflow automation has transformed SOC decisions and now manages security workload effectively
At the moment, I have no idea what an improvement can be because my feeling is Blink Ops can be deployed on-site in a hybrid mode or in the cloud. Hybrid mode means more or less the cloud environment running within the cloud. In Switzerland, I have seen quite a few clients where discussions happened and they said they do not want to go to cloud and want to run it on-premises. But the solution is just too big to run on-premises. Having a smaller version on-premises would be helpful, but my feeling is that is hard to achieve because the solution is just too big and too diverse to run on-premises. The other thing is also the support model. Support models normally work if platforms are accessible from outside, but if I need to go within the company and do some modifications on the platform within the company, it is normally just time-consuming. This limits some of the use cases in some clients if they say, okay, we are a nuclear power plant and we do not want anyone coming from outside. At the moment, nothing else comes to my mind because I would say Blink Ops is a comprehensive platform and sometimes I feel people are overwhelmed. Maybe one thing I have had twice now, and I am not sure if this would be a Blink Ops topic or also one of the competitors. On CRM platforms, if someone changes from one CRM platform to the other CRM platform, there are always converters. From one music platform to the other music platform, there are converters. I think that is quite often missing. People struggle and said they had an automation platform or quite often they have seven or several automation platforms and say they want to reduce to, for example, two different platforms and want to get rid of the other ones. But then sometimes it is quite often a redevelopment, especially if it was a no-coding platform and everything is in code. Then normally it requires a huge transformation project. I think really helping the clients understand what the other platform does and then maybe on this level, just having the wizard would be fine. But my feeling is that migrating from one platform to the other is quite difficult.
Yasir Akram - PeerSpot reviewer
Software Engineer at Freelancer
Good reporting and pretty stable but needs to be simpler to use
The support team of ThreatQ set up a VM on our VPN, which was SlashNext's private VPN. Then we just initiated some system calls and ThreatQ provided us the configuration file with our settings (like our email, our API key, our URL, our category, etc.). They set up a VM on our private VPN cloud. And then they provided us the configuration file in which we just entered our details like our company URL, our API category, and API keys et cetera. We could just add it on the configuration file. We just uploaded it to the ThreatQ server. After running the system calls, we just initiated the ThreatQ and then performed tasks on the UI, such as categorizing the reports. If we only wanted the report for phishing, then we just manipulated the data on the UI and just extracted the reports. That's all. The deployment was complex. We used high hardware specifications. I don't remember the exact specifications, however, I recall them being high. There were some services that had some compatibility errors. That's why we had our VMs - to make sure that the customer would not face any errors. Everything's deployed with high specifications and custom specifications. That was the biggest challenge for us - to deploy on the customer VMs. On average, deployment takes 15-20 minutes if it's deployed without any errors. I was with one of the NetOps network admin during deployment. We were only two people and we just deployed and installed all services and we executed the deployment.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Any request that comes in, regardless of how complex it is, I can accomplish it with Torq."
"Using that one piece of AI, we auto-closed 511 cases in quarter four alone."
"Torq has helped a lot regarding SOC analyst efficiency."
"Torq's unified platform approach to AI, SOAR, automation, and case management is superior compared to my experience managing multiple point solutions."
"Almost four or five hours of work is now completed in four or five minutes."
"What I appreciate most about Torq is that it is an essential part of our system."
"If I review about 100 vendors that I might work with, Torq is definitely in the top five that gave me personally investment back, just because every bit of effort I put into Torq eventually became a workflow that gave it back to me."
"As an analyst, it has demonstrated potential to reduce workforce requirements and time needed for related activities."
"I really appreciate the accuracy of prompt engineering and the GUI that Blink offers, as it allows us to evaluate before testing exactly how the workflow will look."
"I would say Blink Ops has probably the best technical support of all my vendors."
"The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how and how the URL was first recognized as malicious."
"Integrating the solution with our existing security tools and workflows was easy."
 

Cons

"I wish Torq's AI assistant for building templated workflows from scratch worked better; when you start with a blank slate, asking AI to help you build or template the workflow out does not go well."
"The initial deployment of Torq was not easy."
"Additionally, the documentation for Torq is not very clear. Most of the information is presented in videos, which are not ideal for reading; there are mostly paragraphs and other text-based content."
"Torq does extensive marketing saying that SOAR is dead and markets itself as an all-in-one solution, but this is not actually true."
"Regarding the pricing of Torq, I would say it is expensive."
"The workflow and execution-based charges seem misleading as this was not discussed initially, and creating additional workflows to achieve basic functionalities raises costs significantly, which disadvantages customers."
"Regarding stability, I have noticed some lagging, crashing, and downtime, which is one of my largest gripes."
"It was able to capture data but was unable to differentiate between the agent hostname we are using and the hostname that resides on the back end of the Internet."
"The current LLM in Blink is quite accurate, but it still requires a lot of optimization because after a few prompts, it starts creating random responses, which sometimes is problematic."
"At the moment, nothing else comes to my mind because I would say Blink Ops is a comprehensive platform and sometimes I feel people are overwhelmed."
"The tool is not user-friendly."
"The solution should be simpler for the end-user in terms of reporting and navigating the product."
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Construction Company
10%
Manufacturing Company
10%
Comms Service Provider
9%
Manufacturing Company
18%
Financial Services Firm
11%
Insurance Company
8%
Comms Service Provider
8%
Financial Services Firm
21%
Construction Company
8%
Manufacturing Company
8%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise5
Large Enterprise6
No data available
No data available
 

Questions from the Community

What needs improvement with Torq?
I do not dislike anything about Torq because it has satisfied all of our use cases and requirements. We contacted sup...
What is your primary use case for Torq?
Initially, we were using Slack for small automations, such as creating pipelines or shutting down servers. For exampl...
What advice do you have for others considering Torq?
I have been working for five years with experience in the IT field. Torq is very good. It manages everything. I would...
What needs improvement with Blink Ops?
At the moment, I have no idea what an improvement can be because my feeling is Blink Ops can be deployed on-site in a...
What is your primary use case for Blink Ops?
I have several use cases rather than a single one. When we start engagements, it is often for the SOC team on the SOA...
What advice do you have for others considering Blink Ops?
I would say also on automation, there is a need to have the least privilege or a zero trust approach because the agen...
Ask a question
Earn 20 points
 

Comparisons

 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Radar, Bitdefender, Crowdstrike, FireEye, IBM Security
Find out what your peers are saying about Blink Ops vs. ThreatQ and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.