SentinelOne integrates with Torq to empower security teams
SentinelOne has announced a new integration with Torq, a no-code security automation platform. The combination of SentinelOne and Torq allows security teams to accelerate response time, reduce alert fatigue, and improve overall security posture, the company states.
Torq chief innovation officer Eldad Livni says, “SentinelOne's powerful intelligence and protection helps security teams protect their employees and customers - no matter how complex the environment.
"With Torq, security teams can extend the power of SentinelOne to systems across the organisation to automate workflows, respond faster, maintain/boost compliance to benefit from a proactive security posture.
The SentinelOne integration with Torq combines SentinelOne's detection and protection with Torq's no-code automation, enabling customers to limit alert fatigue, respond to threats at machine speed, and proactively identify and remediate risks, the company states.
Torq is focused on making it easy for security teams to create automated workflows, with a drag and drop workflow builder and hundreds of templates aligned with industry best practices and frameworks from MITRE and NIST.
With robust data from SentinelOne, the Torq solution has access to more high-fidelity threat data for improved enrichment, accelerated response times, and alert fatigue reduction.
Torq workflows can listen for SentinelOne alerts, and ingest these to trigger action in any security or operations tool. The solution deploys out-of-the-box in minutes with no coding, installation, or ‘connectors' needed.
According to the company, additional key benefits of the integration include the following:
- Real-time threat enrichment: Automatically enrich alerts from any system with data directly from SentinelOne Singularity.
- Automated remediation: Remediate threats with fully autonomous or partially autonomous remediation workflows to accelerate mean time to respond.
- Optimise SOC workflows: Clearly and quickly orchestrate threat hunting, information sharing, and ticket creation for vulnerability management.
- Bot-driven collaboration: Create no-code interactive chat bots that allow users to perform critical actions, run deep visibility queries, or control SentinelOne endpoints from within Slack or other chat tools.
SentinelOne head of technical partnerships Ruby Sharma says, “The SentinelOne-Torq integration provides joint customers with a powerful combination of best-in-breed automated security solutions.
“Not only are customers utilising industry leading endpoint protection and XDR, they also have access to innovative security automation tools that can accelerate workflow automation. We are pleased to make this integration available via the Singularity Marketplace, and we look forward to expanding our offerings to address even more use cases.
SentinelOne's cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform. The SentinelOne-Torq integration is available via SentinelOne's Singularity Marketplace.