Startups > Torq

Torq

Torq automates security threat response using AI agents for enterprise SOCs.
Series D $332M total Founded 2020 Tel Aviv, Tel Aviv 387 employees
Torq is an AI-driven security hyperautomation platform that automates threat detection, investigation, prioritization, and response across enterprise security operations. The platform uses agentic AI (notably its Socrates agent) to autonomously handle alert triage, case management, and threat remediation at scale, claiming to resolve 95% of Tier-1 alerts without human intervention. It serves Fortune 500 enterprises and MSSPs seeking to reduce mean time to respond (MTTR) and investigation overhead, positioning itself as an open, modern alternative to monolithic legacy SOAR platforms from Palo Alto Networks and Splunk.
Problem solved
Enterprise SOCs are overwhelmed by alert fatigue and manual investigation work, causing delayed threat response and wasted analyst cycles on routine triage tasks.
Target customer
Fortune 500 enterprises, multinational corporations, and MSSPs with mature SOC operations and high alert volumes; organizations with legacy SOAR platforms seeking modernization.
Website LinkedIn Crunchbase Twitter / X
Founders
O
Ofer Smadari
CEO & Co-Founder
20+ years in cybersecurity with Go-To-Market expertise; built and sold Luminate Security to Symantec for $200M+ and had another company acquired by Microsoft.
L
Leonid Belkind
CTO & Co-Founder
Co-founded Luminate Security, pioneering ZTNA and SASE technology before Symantec acquisition.
E
Eldad Livni
CINO & Co-Founder
Previous experience scaling security platforms at Luminate Security and Twistlock.
Funding history
Series A Unknown January 2021 Led by GGV Capital
Series B $50M December 2021 Led by Insight Partners · SentinelOne, Bessemer Venture Partners
Series B Extension $42M January 2024 Led by Bessemer Venture Partners · GGV Capital, Insight Partners, Greenfield Partners, Evolution Equity Partners
Series C $70M September 2024 Led by Evolution Equity Partners · Bessemer Venture Partners, GGV Capital, Insight Partners, Greenfield Partners, Notable Capital
Series D $140M January 2026 Led by Merlin Ventures · Evolution Equity Partners, Notable Capital, Bessemer Venture Partners, Insight Partners, Greenfield Partners, J.P. Morgan Private Bank
Total raised: $332M
Industries
Artificial Intelligence (AI) Cloud Security Cyber Security Software
Pricing
Enterprise pricing model starting at $150,000+ annual base fee plus usage-based charges for AI agent workflows. Contact sales for custom quotes.
Notable customers
Marriott, PepsiCo, Procter & Gamble, Siemens, Uber, Virgin Atlantic, Blackstone, Carvana, Check Point Security, Chipotle, Deepwatch, Lemonade, Lennar, Nubank, Rivian, SentinelOne, Telefonica, Wiz, ZoomInfo, Abnormal Security, Armis, Kenvue, RSM
Integrations
Unknown (platform claims open integration architecture supporting custom tool connections)
Tech stack
lit-element (JavaScript libraries) lit-html (JavaScript libraries) jQuery Migrate (JavaScript libraries) jQuery (JavaScript libraries) Swiper (JavaScript libraries) AOS (JavaScript libraries) Zendesk (Documentation) LottieFiles (CMS) Open Graph WordPress (Blogs) Sentry (Issue trackers) HSTS (Security) Detectify (Security) Typekit (Font scripts) Twitter Emoji (Font scripts) Google Font API (Font scripts) PHP (Programming languages) Apple iCloud Mail (Webmail) Google Workspace (Email) Unpkg (CDN) jsDelivr (CDN) Cloudflare (CDN) HubSpot (Marketing automation) MySQL (Databases) Google Tag Manager (Tag managers) Salesforce (CRM) Yoast SEO Premium (SEO) Yoast SEO (SEO) WP Engine (PaaS) OneTrust (Cookie compliance) chili piper (appointment scheduling) Priority Hints (Performance)
Website
torq.io/
Competitors
Palo Alto Networks SOAR
Entrenched legacy SOAR with tightly integrated platform; Torq emphasizes open architecture and ease of custom integrations.
Splunk SOAR
Monolithic platform deeply integrated with SIEM; Torq is purpose-built for hyperautomation with native agentic AI.
Swimlane
SOAR platform with automation capabilities; Torq differentiates with autonomous AI agents handling end-to-end case resolution.
Tines
Lightweight automation platform focused on alert workflows; Torq targets enterprise-scale orchestration with deeper AI-driven investigation.
D3 Security
Modular SOAR alternative; Torq emphasizes AI-driven autonomous response over manual playbook execution.
Why this matters: Torq represents the next evolution of security automation beyond traditional SOAR—moving from rule-based playbooks to autonomous AI agents capable of investigating and remediating threats without human involvement. With $332M in funding, backing from top-tier investors, and proven traction across Fortune 500 companies, it's one of the fastest-growing players in a $2B+ security automation market, directly addressing the critical SOC analyst shortage.
Best for: Enterprise SOCs and MSSPs managing hundreds of alerts daily who need to reduce analyst toil, accelerate threat response, and achieve higher automation rates without extensive custom development.
Use cases
Alert Triage and Enrichment at Scale
Security teams receive thousands of daily alerts from SIEM, XDR, and detection tools. Torq's AI agents ingest, correlate, and enrich these alerts in real-time, identifying true positives and automatically resolving low-risk findings. This reduces analyst time spent on routine triage by 90%+ and allows teams to focus on high-fidelity threats.
Autonomous Threat Investigation and Remediation
When a critical threat is detected, Torq's Socrates agent autonomously investigates by querying endpoints, logs, identity systems, and threat intelligence without human input. For remediable threats (credential reset, file deletion, process termination), it executes remediation automatically, resolving Tier-1 incidents in minutes instead of hours.
SOAR Migration and Platform Modernization
Large enterprises with aging Palo Alto Networks or Splunk SOAR deployments face rigid, monolithic systems. Torq's open platform enables seamless migration of existing playbooks and workflows with quicker implementation (6 weeks for end-to-end case management per Kenvue case study) and improved flexibility for future customization.
MSSP Customer Automation and Scale
MSSPs managing hundreds of customer environments struggle to scale manual SOC operations. Torq allows MSPs to automate 90%+ of Tier-1/Tier-2 work across all customer accounts, enabling one analyst to cover more clients and reducing per-customer SOC costs significantly (RSM case study: migrated 200+ customers in 3 weeks).
Alternatives
CrowdStrike SOAR Tightly integrated with CrowdStrike's EDR platform; choose if you're a heavy CrowdStrike user and want native integration over open architecture.
Microsoft Sentinel Automation Cloud-native SIEM with built-in automation; choose if your primary tooling is Microsoft Azure and you want an all-in-one platform.
Ibm Resilient Enterprise SOAR focused on incident response workflows; choose for organizations with complex regulatory and compliance requirements.
FAQ
What does Torq do? +
Torq is an AI-driven security hyperautomation platform that automates threat detection, investigation, prioritization, and response. It uses autonomous AI agents (particularly Socrates) to ingest security alerts from SIEM/XDR tools, correlate and enrich them, triage false positives, investigate complex threats, and execute automated remediation—all without manual analyst intervention. It claims to resolve 95% of Tier-1 alerts and many Tier-2 tasks autonomously.
How much does Torq cost? +
Torq uses enterprise pricing starting at $150,000+ per year as a base fee, plus additional charges for AI agent usage that scale with workflow complexity. Exact pricing is custom and requires contacting their sales team based on organization size, alert volume, and feature requirements.
What are alternatives to Torq? +
Major alternatives include Palo Alto Networks SOAR (legacy, monolithic), Splunk SOAR (integrated with SIEM), Swimlane (modular SOAR), Tines (lightweight automation), D3 Security (modular SOAR), CrowdStrike SOAR (EDR-integrated), and Microsoft Sentinel Automation (cloud-native SIEM). Torq differentiates with autonomous agentic AI and open architecture vs. closed platforms.
Who uses Torq? +
Fortune 500 enterprises and MSSPs managing large-scale SOC operations. Named customers include Marriott, PepsiCo, P&G, Siemens, Uber, Virgin Atlantic, Blackstone, Carvana, and dozens of others. Organizations typically have 100+ daily alerts and seek to reduce analyst overhead and MTTR.
How does Torq compare to Palo Alto Networks SOAR? +
Palo Alto SOAR is a monolithic, tightly integrated platform within the Palo Alto ecosystem; Torq emphasizes an open architecture that connects to any security tool without vendor lock-in. Torq's native agentic AI provides autonomous investigation and remediation, while Palo Alto relies more on structured playbooks. Torq is purpose-built for modern hyperautomation; Palo Alto targets legacy enterprises with existing Palo Alto investments.
Is Torq suitable for mid-market companies? +
Torq is primarily positioned for enterprise and large MSSP environments handling high alert volumes. The $150,000+ base fee and complexity of implementation make it a better fit for organizations with 50+ security analysts or multi-thousand daily alert volumes. Smaller mid-market SOCs might find lighter alternatives like Tines or Swimlane more cost-effective.
Tags
security automation SOAR AI agents threat response MTTR reduction hyperautomation SOC operations