Cybersecurity automation solutions provider, Torq, has released an AI-based capability, dubbed Torq Socrates, to help organizations track, prioritize, and respond to critical security threats.\n\nThe offering combines intelligence signals from across organizations\u2019 security ecosystems to drive autonomous remediation, while learning and evolving as it analyzes security events, according to the company.\n\n\u201cTorq Socrates is a rare example of a breakthrough innovation that aims at changing the rules of the game, putting AI in the \u2018pilot\u2019 action seat while introducing a responsible AI adoption architecture, leaving the control over the activities strictly \u2018in the hands\u2019 of analysts and architects,\u201d said Leonid Belkind, co-founder and chief technology officer of Torq.\n\nTorq Socrates is now available on a limited availability basis to select enterprise organizations. Torq will showcase its capabilities at the upcoming Black Hat conference next week.\n\nTorq\u2019s AI automates security response\n\nTorq Socrates is designed to use AI for automating key security operation activities, including alert triage, contextual data enrichment, incident investigation, escalation, and response. For this, the AI model uses open source data.\n\n\u201cThe unique property of Torq Socrates is that it is built on top of off-the-shelf commercial and open source Large Language AI Models (LLMs), instead of developing dedicated models trained on specific data,\u201d Belkind said.\n\nThe AI Agent serves as a \u201cconnective tissue\u201d between the LLM capabilities and the organizational tools and data, according to Belkind.\n\nThe agent also leverages public documents \u2014 including security frameworks like the MITRE Att&ck \u2014 to describe security operations procedures and other relevant materials used in its model training, and to contextualize the outcomes of events and actions.\n\nSocrates is powered by LLMs\n\nTorq Socrates is based on LLMs that analyze and understand each organization\u2019s unique SOC playbooks and adapt responses accordingly.\n\n\u201cIt is based on the ReAct (Reason + Act) LLM approach that interleaves AI-based reasoning with an informed, continuously updated actionable methodology,\u201d Belkind said.\n\n\u201cLLM analyzes the tool output (provided in a potentially large, structured document format) to extract the information critical to deciding on the next action to be taken according to the operational guidelines,\u201d he added. \u201cFor example: \u2018Is the sample malicious?\u2019 \u2018Is the user a VIP?\u2019 and \u2018Have any activities matching a specific pattern been found?\u2019.\u201d \n\nSocrates is based on Torq workflows only, and provisions operating within organization-defined parameters, the company said explaining why Socrates should be considered safe AI. The agent implements a human-in-the-loop approach that requires human approval in order to perform potentially disruptive actions such as quarantining an executive\u2019s laptop or blocking entire network segments, according to Torq.