ANY.RUN integrates with Torq to speed SOC triage

ANY.RUN announced a new integration with Torq on June 25, 2026, aimed at giving security teams faster verdicts, richer alert context and less false-positive noise. The linkup combines ANY.RUN’s malware and phishing intelligence with Torq’s AI SOC platform to help SOCs and MSSPs resolve incidents more quickly.

Why it matters: - The integration is designed to help SOCs and MSSPs cut alert fatigue and separate real threats from false positives faster. - ANY.RUN’s verdicts and enrichment feed Torq’s AI SOC Platform, which can shorten incident resolution and reduce the manual work required for Tier 1 triage. - ANY.RUN says the setup reduces mean time to respond by an average of 21 minutes.

What happened: - ANY.RUN announced a new integration with Torq on June 25, 2026, in Dubai, United Arab Emirates. - The integration connects ANY.RUN’s malware and phishing verdicts, actionable intelligence and real-time enrichment with the Torq AI SOC Platform. - ANY.RUN also joined the Torq AMP Alliance Program, a builder-focused initiative for agentic AI cybersecurity tools.

The details: - ANY.RUN users get access to five ready-to-use Torq HyperAgents™ built to accelerate time-to-verdict. - The HyperAgents use ANY.RUN’s Interactive Sandbox and Threat Intelligence Lookup to provide verified behavior and fresh IOC context. - Results such as reputation data, threat names, tags and structured JSON responses flow into Torq Case Management. - Analysts can review the context without leaving their primary workspace. - The integration is enabled through the Torq Integrations menu by entering an API key. - Users can then deploy custom Torq HyperAgents to streamline investigation and response. - Torq says its AMP partners include cybersecurity vendors focused on agentic AI innovation. - Torq CINO and Co-Founder Eldad Livni said ANY.RUN brings solutions with “maximum impact” as the companies work on the AI SOC.

Between the lines: - The partnership shows how security vendors are packaging analysis, enrichment and orchestration into a single workflow. - The goal is not just faster alerts. The larger shift is toward standardized, AI-assisted investigation logic that reduces dependence on individual analyst experience. - ANY.RUN’s scale claim also signals a broad installed base: more than 600,000 cybersecurity professionals and 15,000+ organizations worldwide.

What's next: - Security teams using Torq can begin enabling the integration immediately. - The companies are likely positioning the partnership as part of a broader push to automate more of the SOC workflow with agentic AI. - ANY.RUN directs users to learn more about the integration on the company’s blog and on ANY.RUN’s social channels.

The bottom line: - ANY.RUN and Torq are tying malware analysis to SOC automation in a bid to make triage faster, more consistent and less noisy.