Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster. Request a Demo When we started building Torq four years ago, we had a thesis: the SOC was broken, and automation — real automation, not another tool bolted onto the stack — was the way to fix it. AI has since changed the game entirely. But has it streamlined the SOC, or introduced new complexity? We wanted to find out.

See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster. Request a Demo Security teams are being asked to move faster and handle more complexity, while the threats they defend against are increasingly AI-assisted. When I wrote about VoidLink in January, my point was simple: you cannot fight machine-speed threats with human-speed defense. Attackers are using AI to code, adapt, and scale attacks while humans are still grinding away doing the heavy lifting in the SOC.

When SOAR emerged around 2015, it was trying to solve a real problem: SOC analysts were drowning in manual, repetitive tasks across disconnected tools. SOAR promised to connect those tools, automate the workflows between them, and give analysts their time back. For a while, it mostly delivered. That era is long dead.

There’s a growing acceptance that AI is no longer optional in security. That battle is largely won. The more interesting question — and the one I keep getting asked — is what we actually believe AI should be responsible for, and where human authority must ultimately sit.

According to the SACR 2025 AI SOC Market Landscape report, 40% of security alerts go uninvestigated. The average alert investigation takes 70 minutes. Meanwhile, attackers achieve breakout in under 48 hours. That math doesn’t work in anyone’s favor — except the adversary’s.

If you’ve been in security operations for more than a few years, you’ve lived through the automation hype cycle at least twice. First, it was SIEM that was going to solve everything. Then SOAR was supposed to fix what SIEM couldn’t. Now, AI SOC platforms are delivering what SOAR always promised but never actually could.

The time between compromise and data exfiltration now occurs before most SOCs finish their first triage. Phishing breaches succeed in under 60 minutes. The average SOC investigation takes 70. This is why financial institutions are operating at a structural disadvantage.

See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster. Request a Demo.

See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster. Request a Demo John White is the Field CISO for EMEA at Torq. A respected security executive with more than 20 years of leadership experience, John previously served as CISO at Virgin Atlantic, where he led a multi-year transformation deploying the Torq AI SOC Platform to modernize cyber operations.

See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster.