Torq, a leading provider of security hyper-automation solutions, has recently unveiled a groundbreaking AI agent called Socrates. Leveraging large language models (LLMs), Socrates is designed to revolutionize security operations by addressing alert fatigue, false positives, and job burnout experienced by security analysts. By automating critical security activities, Socrates enables cybersecurity teams to focus on high-priority tasks and strategic impacts.
Socrates empowers cybersecurity teams by offering automated contextual alert triaging, incident investigation, and response capabilities. Utilizing intelligence signals from diverse security ecosystems, this AI agent autonomously drives remediation actions. With continuous learning and evolution, Socrates becomes an extension of Security Operations Center (SOC) teams, assisting in prioritizing potential threats and categorizing security incidents.
Leonid Belkind, the Co-founder and CTO of Torq, believes that Socrates is a game-changer in the industry. “Socrates is the industry’s first AI agent built to perform complex multi-phase tasks related to triage, containment, and remediation of security issues,” says Belkind. With its state-of-the-art architecture leveraging LLMs, Socrates can interpret and analyze tasks described in natural language, providing enterprise-grade security hyper-automation.
Ofer Smadari, the CEO and Co-founder of Torq, anticipates a significant transformation in the security industry. “I anticipate 90% of Tier-1 and Tier-2 tickets will be resolved autonomously. This represents a complete shift in how the industry thinks about SecOps,” says Smadari. By allowing AI to handle a substantial portion of Tier-1 and Tier-2 responses, security professionals can focus on strategic impacts and outcomes.
The ReAct Approach
At the core of Socrates lies the ReAct (Reason + Act) LLM approach, which combines AI-based reasoning with actionable methodologies derived from organizations’ unique SOC playbooks. Torq’s human-in-the-loop automation ensures that sensitive decisions and actions remain under the control of human operators, promoting responsible AI adoption. This integrated approach empowers security analysts to stay in control while benefiting from well-documented responses and success criteria for future decision-making.
One of the main challenges faced by security analysts is the repetitive nature of their tasks, particularly for Tier-1 analysts responsible for security event triage. Belkind suggests that this leaves little room for creativity and human ingenuity, causing “alert fatigue” and job burnout, especially considering the understaffed state of many security operations organizations. Furthermore, the adoption of hybrid cloud technologies has led to a constant increase in incoming security events. Socrates aims to alleviate these challenges by automating tasks and enabling security analysts to focus on strategic and proactive activities.
Designed as a horizontally scalable cloud-native orchestrator, Socrates can handle tasks related to security processes. With various isolation levels, the AI agent seamlessly integrates with an organization’s IT stack, including infrastructure, security, communication, and other tools. The agent optimally utilizes the infrastructure by executing multiple actions simultaneously, efficiently processing a substantial volume of events and data sources within the service level agreement (SLA).
Belkind emphasizes that Torq’s responsible AI architecture ensures privacy and control remain intact. The Torq Socrates AI agent is confined to invoking complete workflows, masking data sources and parts of the data. By establishing an immutable audit trail for every action and adhering to a predefined allow-list, the agent operates within data privacy controls integrated into workflows. This guarantees that sensitive data remains protected, and actions can be monitored and traced.
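The controls named above (a predefined allow-list, human sign-off for sensitive actions, data masking, and a tamper-evident audit trail) can be sketched as a gate placed in front of an agent's workflow calls. This is an added example, not Torq's code or API: the workflow names, masked fields, and the `gate` and `AuditLog` names are assumptions made for illustration.

```python
import hashlib
import json

# Hypothetical workflow names; the page does not list Torq's actual workflows.
ALLOWED_WORKFLOWS = {"enrich_alert", "isolate_host", "disable_account"}
NEEDS_APPROVAL = {"isolate_host", "disable_account"}  # sensitive: a human decides
MASKED_FIELDS = {"username", "email"}                 # never written in clear

GENESIS = "0" * 64


def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


class AuditLog:
    """Append-only log; each entry commits to the previous entry's hash."""

    def __init__(self):
        self.entries = []

    def append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        body = {"prev": prev, "record": record}
        self.entries.append({**body, "hash": _digest(body)})

    def verify(self):
        """Recompute the chain; any edited or reordered entry breaks it."""
        prev = GENESIS
        for e in self.entries:
            body = {"prev": e["prev"], "record": e["record"]}
            if e["prev"] != prev or e["hash"] != _digest(body):
                return False
            prev = e["hash"]
        return True


def gate(log, workflow, params, approved_by=None):
    """Decide whether an agent-requested workflow may run, and log the decision."""
    if workflow not in ALLOWED_WORKFLOWS:
        decision = "denied"
    elif workflow in NEEDS_APPROVAL and approved_by is None:
        decision = "pending_approval"
    else:
        decision = "allowed"
    masked = {k: "***" if k in MASKED_FIELDS else v for k, v in params.items()}
    log.append({"workflow": workflow, "params": masked,
                "approved_by": approved_by, "decision": decision})
    return decision
```

Denied and pending requests are logged as well as allowed ones, so the trail records what the agent attempted, not only what ran.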
As a company founded by security practitioners, Torq understands the importance of real-life scenarios. They collaborate with Enterprise and MSSP organizations to expose Socrates to actual security events and provide operational guidelines to their SOC/SecOps teams. By field-testing their technological breakthrough, Torq ensures that Socrates delivers real value to the security industry.
Availability
Torq has announced the limited availability of Socrates to select enterprise organizations. This groundbreaking AI agent promises to transform security operations and enable security professionals to focus on strategic priorities while automating critical security activities.
Torq’s Socrates AI agent offers a revolutionary approach to security operations. By alleviating alert fatigue, false positives, and job burnout, Socrates enables security analysts to focus on critical security incidents and strategic impacts. With its advanced architecture and integration capabilities, Socrates aims to transform the industry and empower cybersecurity teams to stay one step ahead in the ever-evolving landscape of cyber threats.