Application security teams are surfacing more findings than ever, but the path from detection to resolution remains painfully slow. Alerts pile up across disconnected tools. SOC analysts lack the application context needed to triage effectively. Developers wait on manual handoffs before they can act. According to Gartner’s “Application Security Strategy 2026” report, 43% of organizations are still at the lowest maturity level for application security, struggling to operationalize findings and close the loop between detection and remediation.
Torq and OX Security have partnered to bridge this gap, connecting application security findings directly to automated SOC workflows. Together, they give security operations teams the context they need to triage faster and route remediation to the right owners without manual intervention.
Torq and OX Security: Hyperautomating AppSec
Torq and OX deliver a unified solution for application security and security operations. OX identifies and prioritizes the most critical vulnerabilities across the SDLC using its context-driven, evidence-based approach. Torq then ingests those findings into its AI SOC platform, automatically triaging alerts, creating tickets, and either auto-remediating issues in real time or escalating critical remediation actions to the right teams for follow up.
This partnership eliminates the manual handoffs between AppSec and SecOps, reducing mean time to remediation and ensuring that high-priority findings are acted on immediately rather than lost in a queue.
Torq + OX Benefits
Automated Triage from Detection to Ticket
OX identifies high-impact vulnerabilities using exploitability, reachability, and business impact scoring. When a critical finding triggers a workflow, Torq automatically triages the alert, opens a ticket with full prioritization context from OX, and consolidates related issues to reduce duplicate noise.
Full Context Across AppSec and SecOps
OX provides deep application context including affected repositories, code owners, and CI/CD pipeline data. Torq enriches this with operational context from 300+ integrated security tools, giving SOC analysts and developers a complete picture without switching between platforms.
Faster Remediation Through Intelligent Routing
Torq’s AI-driven workflows connect findings directly to the responsible code owner with OX’s recommended remediation steps. Developers receive clear, actionable alerts through Slack, Teams, Jira or their ticketing system of choice, eliminating cross-team friction.
How to Use Torq + OX Security
Integration Overview
The Torq + OX integration feeds application security findings to automated SOC workflows through a webhook-based architecture. When OX identifies a critical vulnerability, such as an exploitable CVE or exposed secret, the workflow triggers a webhook to Torq with a structured payload containing related finding details, severity, and recommended actions.
Torq then executes the configured steps, enabling security teams to:
- Automatically triage and prioritize AppSec findings based on OX-provided severity and business impact
- Create and assign tickets in Jira, ServiceNow, or other systems with full remediation context
- Route alerts directly to code owners through Slack, Teams, or email
- Consolidate related findings into unified cases to reduce alert fatigue
Step-by-Step Workflow
- OX Security scans source code and CI/CD pipelines, detecting and prioritizing critical vulnerabilities using its context-aware engine
- A workflow condition in OX triggers a webhook to Torq with a payload containing finding details, affected assets, and remediation guidance
- Torq ingests the payload and executes the configured automation: triaging the alert, assigning prioritization, and opening a ticket
- Torq routes the finding to the responsible code owner with OX’s recommended fix, tracking the case through resolution
About Torq
Torq is the enterprise AI SOC platform transforming how enterprises manage risk. Using adaptive agentic reasoning and automation, Torq identifies, prioritizes, and remediates critical threats at machine speed, slashing MTTI and MTTR while amplifying productivity. Global leaders like PepsiCo, Procter & Gamble, Siemens, Telefónica, and Virgin Atlantic trust Torq to power the next generation of AI-driven security operations.
For more information, visit torq.io.
About OX Security
OX Security is an Application Security Platform that enables evidence-based risk prioritization across the entire software development lifecycle from design to runtime. Founded in 2021 by Neatsun Ziv and Lior Arzi following the SolarWinds breach, OX was built to cut through the noise of generic alerts and help teams focus on the 5% of risks that truly matter. Its proprietary model evaluates exploitability, reachability, and business impact to ensure critical issues are caught before they’re exploited.
How will you connect your AppSec findings to automated responses?
Book a demo to see how OX and Torq work together to bridge application security and security operations.
Learn more about the OX and Torq partnership.
