What is our primary use case?
For Torq, first of all, it's a hyperautomation and AI assistant usage. Our EDR SentinelOne is integrated in Torq and besides the vendor itself having hyperautomation abilities, Torq helps me to analyze incidents and to respond to incidents more quickly and more efficiently.
Torq's AI SOC automation case management is much faster and more efficient compared to the manual tools I have used before. Torq is an ideal assistant for AI SOC in automation challenges.
Torq changed the day-to-day experience for my security analysts. They are more confident and can test more approaches in the security operation center every day as workflows and routine.
What is most valuable?
I rely on Torq's AI assistant in most of my incident response and in building right and less complex workflows for automation.
Torq helped me also in some infrastructure and ticketing challenges, for example, to organize the ticketing system in our company, but I am still in a process of learning about Torq and realizing different scenarios using Torq.
The most valuable feature of Torq is hyperautomation and AI assistant because the quality of speed and recommendation from the AI assistant is really high. Another outstanding feature is that you don't need to write code. There is a library of prepared scripts or JSON scripts which can be right and adapted. You can face quite complex challenges without a programming background and can successfully solve these issues and challenges.
Torq's no-code library helps me to be more efficient and respond to incidents more flexibly. The support of the AI assistant makes my actions more efficient and quicker.
What needs improvement?
The only thing is more out-of-the-box integrations. Torq already has a lot of supported integrations and adding new ones is not difficult, but for some customers, it's easier to have a plug and play interface to start onboarding.
We didn't evaluate other options because we tested Torq and we liked it.
At this stage, I have no additional suggestions. I will update my review several months later and maybe then I will have some suggestions to prove and to what in addition I would like to see in the solution.
I can't evaluate Torq's agentic AI, but I think in my next review, I can provide more information.
For how long have I used the solution?
I have been using Torq for the last six months.
What do I think about the stability of the solution?
I haven't experienced any downtime or technical issues while running the platform.
What do I think about the scalability of the solution?
Torq can handle growth and increase easily without any downtime or lack of service.
How are customer service and support?
Customer support is responsive and helpful, but most of my questions were more how-to questions.
Which solution did I use previously and why did I switch?
I used online SIEMs with integrated SOARs, not online but on-premises, and we switched because it was too slow and too inefficient to use.
How was the initial setup?
From my point of view, Torq has excellent documentation and a support portal. You can find literally everything on the support portal. There are visual manuals and quite simple instructions for onboarding and for every use case you can imagine in your infrastructure.
My advice would be to test Torq in your environment, ask as many questions as possible during POC and refer to documentation in cases you feel not confident about your new solution.
What about the implementation team?
At this stage, we are just customers of Torq.
What was our ROI?
Regarding Torq's pricing and license costs, as long as our existing team started to work more efficiently and quicker, I think we have quite a return of investment and we suppose to add more security management center tools. The return of investment is also the money we saved not adding another security tool. For me and for our security stack, it's about 30% return on investment.
What's my experience with pricing, setup cost, and licensing?
Torq is a standalone solution from Torq providers.
Which other solutions did I evaluate?
We didn't evaluate other options because we tested Torq and we liked it.
What other advice do I have?
I think I have told everything about Torq that I can share at this stage, but I am still in the process of learning the platform and I still think that there are many more features which can be adapted and can be used inside the company.
According to positive outcomes, Torq reduced manual work and made incident response more efficient. From Torq workflows, I learn much more about my company ecosystem. This also reflects on the defensive side of the company. I see the gaps that I had according to incidents and I can fix and address the gaps relying on knowledge I get from automation results.
I think the speed of work increased minimum by 50%, but I think with more automation and more optimization, we can make this result much better.
The easiness of integration, good quality of support and good quality of documentation make this product easy to work with. From what I see, the vendor itself is oriented on improvement, which means that they will not stop at the level they reached by now.
I am quite confident in Torq because I have checked, for example, compliance to ISO 27001 and this is the most relevant standard here in Georgia. I trust in Torq and I trust in the security compliance the platform provides.
Torq's AI recommendations are consistently helpful. There was no case when the system provided me with a false recommendation or inaccurate response.
Alert fatigue is something I would like Torq to help me address.
My overall rating for this review is 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: My company does not have a business relationship with this vendor other than being a customer.