Torq Integration Setup
This guide walks you through integrating Torq with RAD Security for no-code security automation, enabling you to automatically create, update, and manage security tickets while streamlining threat detection and response workflows. Torq provides a no-code security automation platform that empowers SOC teams to mitigate alert fatigue, false positives, and staff burnout through AI-driven workflows.Prerequisites
Before you begin, ensure you have:- Access to Torq with admin privileges
- Ability to generate API credentials (Client ID and Client Secret) in Torq
- Access to RAD Security workspace with integration permissions
API Access Required: This integration requires API access in your Torq subscription. Verify that your subscription level includes API capabilities.
Step 1: Generate Torq API Credentials
1
Log in to Torq
Log in to your Torq account with administrator privileges
2
Navigate to API Settings
- Go to your account settings or workspace settings
- Navigate to the API or Integrations section
3
Create API Credentials
- Click Create New Client or Generate API Key
- Enter a name for the integration (e.g., “RAD Security Integration”)
- Copy the Client ID that appears
- Copy the Client Secret that appears
Save these credentials immediately! The Client Secret may only be displayed once. Store both values securely.
Refer to Torq’s API documentation for detailed instructions on generating API credentials specific to your Torq version.
Step 2: Configure in RAD Security
Navigate to your RAD Security workspace and configure the Torq integration with the following parameters:Required Parameters
| Parameter | Description | Example |
|---|---|---|
| Client ID | The Client ID from Step 1 | your-client-id-here |
| Client Secret | The Client Secret from Step 1 | your-client-secret-here |
Custom field mappings can be configured after the initial connection is established, allowing you to map RAD Security fields to custom Torq fields (optionally scoped per project).
Verify Integration
After completing the setup, verify your integration is working:- Navigate to Data Sources > Integrations > Ticketing in RAD Security
- Locate your Torq integration
- Check the connection status shows as Connected
- Test by creating a sample ticket from RAD Security
Your Torq integration is now configured! RAD Security can now automatically create and manage security tickets in Torq.
What Data is Synced
Once configured, RAD Security will sync the following with Torq:Ticket Creation
Ticket Creation
- Automatically create Torq tickets for security incidents
- Include detailed incident context and metadata
- Attach relevant threat intelligence
- Add affected assets and resources
- Include remediation recommendations
Ticket Updates
Ticket Updates
- Update ticket status in both systems
- Sync comments and activity
- Track resolution progress
- Update priority and severity
- Maintain audit trail
Custom Field Mapping
Custom Field Mapping
- Map RAD Security fields to Torq fields
- Configure custom field values
- Set default ticket types
- Define priority mappings
- Configure per-project field mappings
Workflow Triggers
Workflow Triggers
- Trigger Torq workflows on ticket creation
- Execute automated response actions
- Initiate investigation playbooks
- Route tickets to appropriate teams
- Orchestrate multi-step remediation
Use Cases
Automated Incident Response
Automatically create Torq tickets when RAD Security detects threats, triggering automated response workflows.
Alert Triage Automation
Automatically prioritize and route high-volume alerts to appropriate teams through Torq workflows.
No-Code Orchestration
Leverage Torq’s no-code workflows to orchestrate complex security responses based on RAD Security detections.
Compliance Tracking
Track compliance issues and remediation efforts through Torq’s ticketing and reporting capabilities.
Troubleshooting
Authentication Failed
Authentication Failed
Possible causes:
- Client ID is incorrect
- Client Secret is incorrect or expired
- API credentials were revoked
- Insufficient permissions on the API client
- Verify Client ID is copied correctly (no extra spaces)
- Check that Client Secret is copied correctly
- Regenerate API credentials in Torq if needed
- Ensure the API client has necessary permissions
- Test credentials using Torq’s API testing tools
Connection Failed
Connection Failed
Possible causes:
- Torq API endpoint is unreachable
- Network connectivity issues
- Firewall blocking API requests
- Torq service outage
- Verify Torq service status
- Check network connectivity from RAD Security
- Review firewall rules
- Whitelist RAD Security IP addresses if needed
- Contact Torq support if service appears down
Tickets Not Creating
Tickets Not Creating
Possible causes:
- API client lacks ticket creation permissions
- Custom field mappings are incorrect
- Required fields are missing
- Workflow configuration issues
- Verify API client has ticket creation permissions
- Review custom field mappings
- Check that all required fields are mapped
- Test ticket creation manually in Torq
- Review RAD Security integration logs for errors
Field Mapping Issues
Field Mapping Issues
Possible causes:
- Custom fields don’t exist in Torq
- Field types don’t match
- Invalid field values
- Project-specific field restrictions
- Verify custom fields exist in Torq
- Check field type compatibility
- Validate field value formats
- Review project-specific field requirements
- Update field mappings in RAD Security
Workflow Not Triggering
Workflow Not Triggering
Possible causes:
- Workflow disabled in Torq
- Trigger conditions not met
- Workflow configuration errors
- API client lacks workflow execution permissions
- Verify workflow is enabled in Torq
- Check workflow trigger conditions
- Review workflow configuration
- Ensure API client has workflow permissions
- Test workflow manually in Torq
- Check Torq workflow execution logs
Security Best Practices
Rotate Credentials Regularly
Periodically regenerate Client ID and Client Secret as part of your security hygiene practices.
Least Privilege Access
Only grant the minimum API permissions required for ticket management and workflow execution.
Secure Credential Storage
Store API credentials in a secure password manager or secrets vault. Never commit them to version control.
Monitor API Activity
Regularly review API usage in Torq to detect anomalous activity or unauthorized access.
Audit Integration Activity
Periodically review tickets created by the integration to ensure proper operation.
Test Workflows
Regularly test automated workflows to ensure they function as expected when triggered by RAD Security.
Additional Resources
Torq Documentation
Official Torq support and documentation
Torq API Documentation
Learn about Torq’s API capabilities and endpoints