Torq is an AI SOC platform that combines agentic AI with deterministic automation to handle the complete alert lifecycle. The Torq + SailPoint Identity Security Cloud integration lets security and identity teams orchestrate identity-driven response actions directly from their existing SOC workflows — without writing custom code or maintaining brittle scripts. By embedding SailPoint ISC's identity governance capabilities into Torq's automation fabric, joint customers can react to threats, access anomalies, and compliance events in seconds rather than hours. The integration delivers a comprehensive library of pre-built steps spanning identity lifecycle, access reviews, certifications, role and entitlement management, and source/account operations. Common use cases include automated account disablement on threat detection, just-in-time access provisioning tied to ticket approval, certification campaign orchestration triggered by risk signals, and identity context enrichment for SOC investigations. The result: faster mean-time-to-respond on identity-related incidents, reduced manual toil for IAM teams, and a unified automation layer across security and identity tooling.
Support Level: Technology Partner Delivered
This connector is developed and supported by Torq. For assistance, please reach out to support@torq.io
Supported Use Cases
- Account Disablement / Enablement / Unlock
- Account Creation and Updates (via source-specific account actions)
- Entitlement Aggregation (read entitlements, entitlement details, entitlement requests)
- Role Assignment and Revocation (via access requests and role membership APIs)
- Certification Campaign Creation and Management
- Access Request Submission, Approval, and Status Tracking
- Lifecycle State Transitions
- Source Account Aggregation (trigger and monitor)
- Identity Search and Attribute Retrieval
- Workgroup Membership Management
Related Documentation
Torq AI SOC Integration Document
