Jeffrey Schwartz , Contributing Writer January 30, 2026 4 Min Read Source: Blue Planet Studio via Adobe Stock Photo The introduction of native artificial intelligence (AI) capabilities into security operations centers (SOCs) has ushered in what many call "hyper automation," which enables security, orchestration, automation, and response (SOAR) to scale well beyond the restrictions of traditional platforms. Last year, the largest security platform providers, including Cisco/Splunk , CrowdStrike, and Palo Alto Networks , were among those that rolled out upgraded versions of their traditional SOAR solutions, adding native AI capabilities and further integrating them with security information and event management (SIEM) and extended detection and response (XDR). Overwhelmed by the volume of alerts fielded by security analysts, AI is designed to considerably boost automation in their customers' SOCs by enabling virtual agents to take on those tasks. Meanwhile, many startups and smaller players have emerged with alternatives to "legacy" SOAR or enhancements to incumbent SOC automation platforms designed to enable advanced AI capabilities. One that has experienced significant growth in the past two years is Torq, a startup launched in 2020 by Ofer Smadari, Leonid Belkind, and Eldad Livni. The trio co-founded Luminate Security, a provider of software-defined perimeter technology, which they sold to Symantec a year before launching their second act. Although Torq is based in Israel, most customers that have deployed Torq HyperSOC , its AI-native SOC platform built to autonomously manage alert triage, are multinational enterprises based in the United States, with some in London, Germany, and Japan. Among them are Carvana, Marriott, PepsiCo, Procter & Gamble, Siemens, Uber, Valvoline, and Virgin Atlantic, as well as some "unicorn" stage companies, Smadari says. Torq, which is eying an IPO, has amassed over 250 customers, a figure that Smadari says has doubled in the past year. Earlier this month, Torq announced that it had closed a Series D funding round led by Merlin Ventures. The latest $140 million investment brings Torq's total raised to $332 million, boosting its valuation to $1.2 billion. Roughly 30% of Torq's customers are organizations with legacy SOAR platforms from companies such as Palo Alto Networks or Splunk, Smadari says. "Those companies have very monolithic, closed platforms," he tells Dark Reading. "We have an open platform that you can connect anything to easily. It is very easy to implement new processes and very easy to investigate 100% of your security alerts with us." The Torq HyperSOC platform is powered by Socrates , which Torq describes as an "omni-agent" that functions as an autonomous AI SOC analyst that can manage the total security incident life cycle. Torq claims that Socrates' Multi-Agent System (MAS) can resolve 95% of Tier-1 alerts and many Tier-2 tasks without human involvement. Further, Torq has over 200 preconfigured connectors to XDR, identity and access management (IAM), and endpoint detection and response (EDR) offerings, as well as to ticketing systems, cloud services, and various threat intelligence offerings. Because it runs in a serverless, cloud-native environment, the platform's APIs support building custom, no-code connectors that automatically discover schemas. Smadari explains that its open architecture can use Torq's agentic AI models, or customers can build their own using Anthropic's Claude, Google Gemini, and OpenAI's ChatGPT, all of which are predominantly built using Python scripts that run in Torq containers. "Customers can create their own model and just connect and integrate it," he says. Torq is certainly not the only upstart claiming to have modern tools designed to boost SOAR using agentic AI technology. IDC research VP Chris Kissel has identified over 40 players, including those with "freestanding" platforms, such as D3 Security, Swimlane, and Tine. Among others that IDC classifies as SOAR providers that coordinate SOC are Dropzone AI, Intezer and Prophet Security. "This part of the industry is nascent but growing," Kissel says. "Notably, Torq was early to market in the use of AI agents, and they seem to be able to scale. Torq is absolutely a serious player." Despite the recent release of next-generation platforms by established providers, independent industry analyst Francis Odum believes Torq has an advantage, noting that its event-driven architecture delivers up to 5x alert throughput over established SOAR offerings. "Torq challenges incumbents like Splunk and Palo Alto Networks through architectural modernity and operational accessibility that legacy platforms cannot match," Odum says. "Unlike traditional SOAR solutions that require months of professional services and scripting expertise, Torq delivers a cloud-native hyper automation platform with no-code workflow creation, achieving operational outcomes in weeks rather than quarters." About the Author Jeffrey Schwartz Contributing Writer Jeffrey Schwartz is a journalist who has covered information security and all forms of business and enterprise IT, including client computing, data center and cloud infrastructure, and application development for more than 30 years. Jeff is a regular contributor to Channel Futures. Previously, he was editor-in-chief of Redmond magazine and contributed to its sister titles Redmond Channel Partner, Application Development Trends, and Virtualization Review. Earlier, he held editorial roles with CommunicationsWeek, InternetWeek, and VARBusiness. Jeff is based in the New York City suburb of Long Island. See more from Jeffrey Schwartz