Torq Raises $140M at $1.2B Valuation for Agentic SOC Infrastructure
Torq closed a $140 million Series D funding round at a $1.2 billion valuation, marking the cybersecurity platform’s entry into unicorn territory as enterprises accelerate adoption of autonomous AI agents for security operations.
The round positions Torq as the definitive leader in the emerging AI SOC (Security Operations Center) category, where traditional reactive security models are being replaced by agentic AI systems capable of autonomous threat investigation and response at enterprise scale.
The Security Operations Bottleneck
Security teams face an overwhelming alert crisis that traditional approaches cannot solve. Modern enterprises generate millions of security alerts daily, but human analysts can only investigate a fraction—creating dangerous blind spots where real threats hide among false positives.
Legacy SOAR (Security Orchestration, Automation and Response) and SIEM (Security Information and Event Management) platforms require extensive manual configuration and struggle with the dynamic nature of modern threat landscapes. The result is a fundamental scaling problem where security effectiveness decreases as organizations grow.
Enterprise CISOs report investigation backlogs measured in weeks, with critical alerts lost in noise and analyst burnout reaching crisis levels across Fortune 500 security operations centers.
Autonomous Investigation Architecture
Torq’s AI SOC platform addresses these limitations through its HyperSOC architecture, which combines agentic AI with enterprise-grade security orchestration. The platform’s AI agents autonomously triage alerts, conduct investigations, and execute response actions without human intervention.
The system achieves 100% alert triage coverage and reduces investigation time by up to 90% through machine learning models that understand threat context, organizational risk profiles, and historical incident patterns. Unlike rule-based automation, Torq’s agents adapt their investigation strategies based on emerging threat intelligence and organizational feedback.
Key technical differentiators include real-time alert correlation across multiple security tools, natural language processing for threat narrative generation, and self-service agent builder capabilities that enable security teams to deploy custom automation without professional services.
Fortune 500 Production Validation
Torq demonstrates enterprise readiness through widespread Fortune 500 adoption, including Marriott, PepsiCo, Procter & Gamble, Siemens, Uber, and Virgin Atlantic. The company reported 300% revenue growth driven by bottom-up adoption where AI agents become embedded in daily SOC operations.
Valvoline CISO Corey Kaemming reported transformative results within 48 hours of deployment: “Our team was using Torq’s AI SOC Platform for automating phishing triage, accelerating alert handling, and reducing response times across the board. Analysts reclaimed hours of time, containment actions became automatic, and the security team evolved from reactive responders to proactive strategists.”
Virgin Atlantic CISO John White emphasized platform consolidation benefits: “Torq is making our security operations simpler and more efficient, and providing us with complete coverage across our security stack. Torq is now our umbrella platform.”
The customer testimonials highlight a common pattern where organizations replace multiple point security tools with Torq’s unified agent orchestration platform, reducing operational complexity while improving security outcomes.
Federal Market Expansion
The Series D round, led by Merlin Ventures—a cybersecurity fund with nearly 30 years of government market experience—accelerates Torq’s expansion into U.S. federal and public sector markets where security automation requirements are particularly acute.
Government agencies face the same alert volume crisis as enterprises but with additional constraints around compliance, data sovereignty, and approval workflows that traditional security tools struggle to navigate. Torq’s agentic approach provides the autonomous capabilities these organizations need while maintaining human oversight and audit trails required for federal deployment.
The Merlin Ventures partnership provides strategic support for complex compliance requirements including FedRAMP authorization, positioning Torq to protect critical national infrastructure through AI-powered security operations.
Infrastructure Category Emergence
Torq’s funding reflects broader market recognition that security operations represents a distinct infrastructure category requiring purpose-built agentic platforms rather than incremental improvements to legacy tools.
The traditional security stack assumes human analysts as the primary decision-makers, with tools providing data and alerts for human interpretation. The agentic SOC inverts this model, positioning AI agents as the primary operators with humans providing strategic oversight and exception handling.
This architectural shift mirrors broader infrastructure evolution across enterprise software, where autonomous systems handle routine operations while humans focus on strategy, policy, and complex problem-solving that requires creativity and business context.
Looking Forward
The next 12 months will test whether Torq’s agentic SOC architecture can scale from Fortune 500 early adopters to become the standard security operations infrastructure across enterprise and government markets.
Key indicators include federal deployment success, platform adoption velocity among mid-market enterprises, and the company’s ability to maintain autonomous capabilities while expanding into new security domains beyond alert triage and incident response.
The broader question facing the security industry is whether agentic AI represents a temporary automation enhancement or a permanent shift toward autonomous security operations that fundamentally reimagine how organizations protect themselves from cyber threats.
Infrastructure orchestration: As security operations evolve toward autonomous AI agents, organizations need platforms that can coordinate complex workflows across multiple systems and stakeholders. Overclock provides the orchestration layer that connects agentic security tools with enterprise operations, enabling seamless integration between autonomous security actions and business processes while maintaining human oversight where needed.