Best provider of cyber relevant summaries of incidents and fast threat takedown
What do you like best about the product?
The tool offers flexible features on log analysis, alerting and reporting that we have not been able to find elsewhere. It monitors our firewall from a single console and consolidates all network analysis helping us to proactively identify the threats and vulnerable traffic coming in.
What do you dislike about the product?
No major cons, although because not all firewalls are created equal, this tool has better configurations for some firewalls over others.
What problems is the product solving and how is that benefiting you?
Quickly identifies indicators of compromise on our network, brings exposed assets into a correlated threat view, and informs us of predictive security controls streamlining enhanced response.
Detect and delete web threats and malware instantly
What do you like best about the product?
This tool reliably identifies all our network vulnerabilities in a manner compliant with what is decided at the IT infrastructure level, offering protection from all kinds of threats and helping to confidently access sensitive data in the cloud.
What do you dislike about the product?
I am a regular user of Torq and I haven’t faced any issues with it; I consider the tool as an ally of the IT team for securing our network connections.
What problems is the product solving and how is that benefiting you?
Torq offers very good protection to our internet traffic, protects application access, and secures cloud transactions. It is particularly very effective at thwarting fresh threats and the encryption of all computer storage brings extra security to the organization.
Handling threats with precision to ensure up to date network security enhancements
What do you like best about the product?
The network monitoring functions are simpler to set up, and the log data is displayed in a far more appealing manner. It is a complete software since it not only protects the network but also email with anti-spam and anti-phishing protection. I like that it scans endpoints without significant slow down or unnecessary disruptions.
What do you dislike about the product?
I still haven’t found any feature that is unusable or unfriendly, but know that customizing it needs understanding of how endpoint protection works.
What problems is the product solving and how is that benefiting you?
It monitors devices and blocks threats quickly and warns us when we are about to access dangerous programs. It provides the best protection to our workstations by its file protection and network protection.
Comprehensive network analysis to facilitate the review of firewall rules
What do you like best about the product?
The tool covers most of our network analysis requirements, manages all our firewalls, and gives us a single centralized dashboard which is very informative with network security audits.
What do you dislike about the product?
Never faced any issue with this product; the log analysis is definitely great and it’s working accurately.
What problems is the product solving and how is that benefiting you?
The detailed network traffic and bandwidth insights highlight security breaches (if any) in advance, and if it finds a vulnerability it still gives us a clue on how to resolve it.
Powerful firewall monitoring offering deep dive into network activity analysis
What do you like best about the product?
Powerful firewall monitoring and log analysis tool with great built-in reports and compliance tools. It offers a simplified dashboard for reviewing logs, fantastic real-time alerts and bandwidth monitoring.
What do you dislike about the product?
Nothing much to dislike; the overall experience with Torq has been good and satisfactory.
What problems is the product solving and how is that benefiting you?
It helps to quickly audit the network to map out different activities with security threat levels, helping contain malicious activities and keep applications secure in the usage of the network resources.
Fast, Reliable Network Protection with Comprehensive Security Stats
What do you like best about the product?
Quick to scan our whole network and I like the fact that after a scan we are provided with protection statistics to effectively block malware and phishing attacks.
What do you dislike about the product?
I don’t have any serious dislike and in my own experience Torq is the most stable and effective defense tool against all sorts of attacks.
What problems is the product solving and how is that benefiting you?
Helps in detecting any kind of threat and providing the best protection ever ensuring we can only access legitimate files and programs while at work.
Finest security tool to detect and block threats affecting digitally
What do you like best about the product?
This is the most accurate tool for maintaining security for Desktop Computers, Laptops, and Mobile devices. The detection level against a wide range of viruses and malware is very satisfactory and provides excellent visibility of threats. The ability to schedule recurring scanning jobs is helpful and aids in scanning of our network.
What do you dislike about the product?
When a scan fails, it can sometimes be challenging to pinpoint where exactly the communication breakdown is occurring.
What problems is the product solving and how is that benefiting you?
The real time scanning of our systems is efficient and it blocks any malware that appears within our network. It has a tremendous ability to robustly guard our computers against threatening viruses.
Efficient Threat Protection with Fast Log Collection, Minor Startup Lag
What do you like best about the product?
Very quick and efficient in collecting logs from multiple server instances and effectively gathers huge amounts of network events data and allows us to set alerts. Its active threat protection is great; it can do quick scans for network threats, malicious software and files.
What do you dislike about the product?
Sometimes it can consume a lot of resources at the start of the operating system, generating slower startup times, which then resolves.
What problems is the product solving and how is that benefiting you?
It provides an effective threat-fighting toolkit covering not only the endpoint protection but also ransom-guard and quick cache management.
Comprehensive Monitoring and Intelligence Log Analysis for Quick Troubleshooting
What do you like best about the product?
Very reliable in log collecting from any IT device and can correlate events for easy investigation during a security event. Its comprehensive monitoring covers everything from server and network monitoring to real user experience.
What do you dislike about the product?
Due to the rich set of capabilities regarding searching, transforming and visualizing data, it sometimes takes time to find all the necessary commands.
What problems is the product solving and how is that benefiting you?
Threat hunting can be done effectively with the help of Torq and also it is providing the powerful threat incident response.
Have found automation to save analyst time but miss more accurate data classification
What is our primary use case?
I used Torq for conducting one of the proof of evaluations for a vendor we are connected with. I am currently working with Omnisoc, which provides SOC services for twenty-three other higher education institutions in the US. As part of vendor evaluations, we used Torq to differentiate between the manual workflow we had and the security automation provided with the Torq AI automation capability.
We have used it to differentiate between our manual workflow and the capability it brought us in creating playbooks for many of the detections we have had. In that scenario, although we are an education organization which deals with education-related logs, we should not have much exposure to the data held at different members. From our research and testing with the tool, we realized there have to be modifications and changes to train the LLM on the back end. It was able to capture data but was unable to differentiate between the agent hostname we are using and the hostname that resides on the back end of the Internet. It was unable to do that sort of classification. We concluded this tool would be more suitable for initial ticket management rather than security automation.
With the use of AI prompts, we were able to start with preparation of the tool through the last chain of niche, which is the remediation part. With the help of prompts, we were able to perform everything present on instant response plan.
How has it helped my organization?
As an analyst, it has demonstrated potential to reduce workforce requirements and time needed for related activities. This has been a significant improvement we have observed from our research with the tool.
What is most valuable?
As someone currently working as an analyst, I can say it has the potential to save significant time and manpower. The amount of workforce needed to perform Taiwan-related activities can be reduced. These are the major improvements we have seen from the research we have conducted with the tool.
What needs improvement?
From our research and testing with the tool, we determined there need to be modifications and changes to train the LLM on the back end. It was able to capture data but was unable to differentiate between the agent hostname we are using and the hostname that resides on the back end of the Internet. It was unable to do that sort of classification. We concluded this tool would be more suitable for initial ticket management rather than security automation.
Regarding data handling, I would give preference to Torq. For case management, Cortex and its dashboards prove more useful. Cortex and Palo's solutions do not have as much capability as Torq provides with the same tools. However, Torq's dashboards could be improved, especially on the case management side.
For how long have I used the solution?
I have been using the solution for the past four months.
How was the initial setup?
The platform team from our company handled the setup. They managed everything from product testing to deploying it to members. As SOC analysts, we only managed what we could do with the data present.
What about the implementation team?
The implementation was handled by a team of three people.
Which other solutions did I evaluate?
Regarding tools, OpenSearch is something I have examined, which is similar to Elasticsearch but provided by AWS. We are also planning to look at Fellows exam because we are seeking a partner who could provide both hardware and software capabilities. We wanted a vendor who could provide an all-in-one solution.
Elasticsearch and Splunk are the tools I have used most extensively. While I do not have direct experience with Sentinel's query language, I believe it is similar to the SPL used in Splunk.
What other advice do I have?
One of our members uses AWS, and we receive their feed. This involves triaging AWS-related logs. While I do not have direct work experience with it, I am familiar with AWS-related services and data-related logs, especially with cloud red logs.
I have conducted this evaluation for four months. Beyond that, I have experience with SIEM and vulnerability management. I have worked on integrations between our case management system and the incident management system in ServiceNow, which we moved to Torq.
I found it particularly intuitive to use, as my previous experience with no-code tools helped me adjust to this software more quickly than my peers. The solution could improve its notification capabilities on the member side, particularly in notifying multiple people.
Since working with the demo version of the product, most scenarios and testing data provided the required use cases and results we were seeking with Torq.
I rate Torq an 8 out of 10.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)