Torq Secures $140M Series D to Lead the AI SOC Era
Torq closed a $140 million Series D round at a $1.2 billion valuation, bringing total funding to $332 million. Merlin Ventures led the round with participation from Evolution Equity Partners, Notable Capital, Bessemer Venture Partners, Insight Partners, and Greenfield Partners.
The focus is clear: scale adoption of Torq's AI SOC Platform. It centers on three pillars-advanced hyperautomation, alert triage, and fatigue reduction-to push security operations toward full operational autonomy across large enterprises and public sector teams.
For the full announcement and multimedia, see the official release on Business Wire.
Why Operations Leaders Should Care
Alert queues keep growing. Headcount doesn't. Torq's approach leans into AI Agents that handle repeatable work with minimal setup, so analysts can focus on verified threats and higher-value projects.
- 100% triage on low-fidelity alerts cuts investigation time by up to 90% and routes only high-impact issues to humans.
- Self-service agent builder lets SOC teams create and deploy agents without heavy professional services-managing dramatically more alerts with the same team.
- Enterprise proof: Fortune 100 and Fortune 500 SOCs run millions of tasks per day through Torq. Named customers include Marriott, PepsiCo, Procter & Gamble, Siemens, Uber, and Virgin Atlantic.
What's Different vs. Legacy SOAR/SIEM Add-ons
- Agentic architecture for investigations and response, not just static playbooks.
- Outcome-first design that emphasizes triage coverage, analyst fatigue reduction, and faster time-to-containment.
- Bottom-up adoption where analysts and engineers can author agents that stick-no long consulting cycles required.
Customer Outcomes Highlighted
Valvoline reports a go-live impact within 48 hours: automated phishing triage, faster alert handling, automatic containment, and analysts getting hours back for strategic work.
Virgin Atlantic notes simpler operations, better coverage across the stack, and use of Torq as an umbrella platform for security operations.
Federal and Public Sector Momentum
With Merlin Ventures' deep government network, Torq is stepping deeper into federal and public sector environments. Expect increased focus on compliance needs like FedRAMP and deployment patterns that support critical infrastructure at scale.
Key Product Pillars
- Triage and alert investigation coverage: Immediate handling of low-fidelity alerts so humans work on what matters.
- Self-service agent platform: Build, test, and manage agents end-to-end, enabling a lean team to handle far more volume.
Practical Next Steps for Your SOC
- Pick 2-3 high-volume workflows: phishing triage, alert enrichment, containment actions.
- Define success: MTTA/MTTR, % auto-closed low-fidelity alerts, analyst hours saved, false-positive rate.
- Phase rollout: monitor-only → human-in-the-loop approvals → limited autonomy for low-risk actions → broader autonomy with guardrails.
- Set guardrails: role-based access, audit trails, versioning, kill switches, time-bound policies.
- Map integrations: SIEM/EDR, email security, identity, ticketing; confirm API limits and event volumes upfront.
- Build new runbooks: update escalation paths, shift staffing, and training to reflect agent-driven workflows.
Funding Snapshot
- $140M Series D at a $1.2B valuation; total funding now $332M.
- Led by Merlin Ventures with Evolution Equity Partners, Notable Capital, Bessemer Venture Partners, Insight Partners, and Greenfield Partners.
- Acquisition of RevRod strengthened Torq's multi-agent security capabilities.
The Bottom Line
AI Agents are moving from theory to day-to-day SOC work. If your backlog and burnout metrics are trending the wrong way, start a focused pilot on triage and containment, then expand as you prove measurable wins.
If you're building skills for AI-driven operations, explore curated options by role here: Complete AI Training - Courses by Job.
Your membership also unlocks:
