Google SecOps is a cloud-native security operations platform provided by Google.

Use Google SecOps to trigger workflows in Torq

Prerequisites

Before you begin:

Ensure you have access to the Templates page in Torq and have at least the Creator role in your workspace with the apikey.read scope.
Ensure you have permissions to create integrations in Google SecOps Response.

Navigate to the integration: Go to Build > Integrations > Trigger > Webhook and click Add Instance.
Add the first integration instance for creating cases:
1. Give the integration a unique and meaningful name. It will be used to trigger a workflow that creates a case.
2. Add an authentication header and copy the generated header secret.
3. Click Add.
Add the second integration instance for running workflows:
1. Give the integration a unique and meaningful name. It will be used to trigger a workflow that runs a workflow action.
2. Add an authentication header and copy the generated header secret.
3. Click Add.
Copy the webhook URLs: Copy the generated endpoints to save them for later—you will need them to create the two integration instances in Google SecOps.

Navigate to the workflow templates: Go to Build > Templates and import both the Create a Case from a Google SecOps Response Integration workflow and the Example - Run a Workflow from a Google SecOps Response Integration workflow.
1. The first workflow sends the Google SecOps event payload to the Torq webhook trigger, creates a case from the event, and returns the case ID to Google SecOps.
2. The second workflow sends the Google SecOps event payload to the Torq webhook trigger, executes the steps, and then Google SecOps optionally polls Torq to retrieve the execution status and output.
Configure the triggers: Open each workflow's trigger and select the relevant webhook integration instance.

You need to create a service API key in Torq to allow Google SecOps to poll Torq for workflow execution results.

Navigate to API Keys: In Torq, click your user icon or avatar at the bottom of the side menu and select API Keys.
Create a key: Click Create API Key.
1. Enter a meaningful key name.
2. Select a predefined expiration date, or choose a specific date by clicking Select from calendar.
3. Toggle the API key Type to Service.
4. Select the Workspace Viewer role or a custom role with the Workflow Management > View existing workflows scope.
5. Click Create to generate the new service key.
Save the credentials: Copy and securely store the client ID and secret for later—you will need them in Google SecOps.

Open Google SecOps: Go to Content Hub in the side menu and select the Response Integrations tab.
Install the Torq integration: Search for the Torq integration and click Install.
Create the first instance: Go to Response > Integrations Setup in the side menu and click + at the top right to create an instance for the create case workflow.
1. Select the Torq integration.
2. Click Save.
3. Enter a meaningful name, such as Create case.
4. For webhook secret, paste the header secret you copied earlier.
5. For Torq URL, paste the webhook URL you copied earlier.
6. (Optional) For Client ID, paste the client ID you copied earlier when creating the API key in Torq.
7. (Optional) For Client Secret, paste the client secret you copied earlier when creating the API key in Torq.
8. For Region, select the region of your Torq workspace.
9. Click Save.
10. Click the instance's Configure Instance icon to reopen the modal.
11. Click Test to validate the webhook's connectivity and any credentials.
Create the second instance: Repeat the process above for the second workflow using the relevant endpoint and webhook header secret. Once the instance has been saved, do a test run to validate the webhook's connectivity and any credentials.