IBM Security QRadar SOAR Apps

Welcome to the QRadar SOAR Apps documentation page.

Below you’ll find the documentation for each app that IBM develops and publishes on the IBM Security App Exchange. Included below are details of the objects that each of these QRadar SOAR apps export, for convenient searching and cataloging. We also include the latest release notes as well as an Overview section outlining key features, requirements, and additional context on the supported rules, functions and playbooks (if applicable).

Recently Updated Apps

Recently Updated Apps

• ISC SANS
• Rapid7 InsightIDR
• Palo Alto Panorama
• McAfee ePO
• Data Feeder for ODBC Databases
• Parent/Child Relationships
• REST API
• Salesforce

App Development

App Development

• IBM SOAR Python Documentation

All Apps

All Apps

• AbuseIPDB
• AlienVault OTX
• Anomali Staxx
• Ansible for SOAR
• Ansible Tower
• APIVoid Threat Analysis APIs
• Amazon AWS GuardDuty
• AWS IAM
• AWS Utilities
• Axonius
• Azure Automation Utilities
• BigFix
• BMC Helix
• Calendar Invite
• Cisco Secure Endpoint
• Cisco ASA
• Cisco Umbrella Enforcement
• Cisco Umbrella Investigate
• ClamAV
• Cloud Foundry
• App Host Components
• Cisco WebEx
• Zoom
• CVE Search
• Darktrace
• Datatable Utilities
• ElasticSearch
• Email Header Validation
• Microsoft Exchange
• Microsoft Exchange Online
• ExtraHop
• Google Geocoding
• GitHub
• Google Cloud DLP
• Google Cloud Security Command Center
• Google Safe Browsing
• GreyNoise
• gRPC Interface
• Have I Been Pwned
• HTML to PDF
• Symantec ICDx
• Incident Utilities
• IOC Parser
• IPInfo
• IsItPhishing
• Jira
• Joe Sandbox Analysis
• Kafka
• IBM SOAR LDAP Utilities
• MaaS360
• Mandiant Threat Intelligence
• McAfee ATD
• McAfee ESM
• McAfee OpenDXL
• McAfee TIE
• Microsoft Defender
• Microsoft Security Graph
• Microsoft Sentinel
• MISP
• MITRE ATT&CK
• About MxToolBox
• netMiko
• Network Utilities
• Image OCR
• ODBC Query
• Outbound Email
• PagerDuty
• Parse Utilities
• PassiveTotal
• PasteBin Creator
• Phish.AI
• PhishTank Lookup
• Pipl
• Playbook Maker
• Playbook Utils
• Proofpoint TAP
• Proofpoint TRAP
• Pulsedive
• QRadar Advisor
• QRadar Enhanced Data Migration
• QRadar Integration
• TOR
• Randori
• QRadar EDR
• Remedy
• RSA NetWitness
• SOAR Utilities
• Scheduler
• Secureworks CTP
• SentinelOne
• Symantec Endpoint Protection
• ServiceNow
• Shadowserver
• Shodan
• Siemplify
• Slack
• Snapshot URL
• Spamhaus Lookup
• Splunk
• Symantec DLP
• Task Utilities
• Microsoft Teams
• ThreatMiner
• Timer Function
• Trusteer Pinpoint Detect
• Twilio SMS
• Twitter Search API
• URL to DNS
• URLhaus
• URLScan.io
• Utilities (Deprecated)
• VirusTotal
• VMRay Sandbox Analyzer
• Watson Translate
• Cisco Webex
• Whois
• Whois RDAP
• SOAR Wiki
• Wiz
• IBM XForce Collections
• Yeti
• Zscaler Internet Access
• Data Feed Extension
• Data Feed Elasticsearch Plugin
• Data Feed KafkaFeed Plugin
• Data Feeder for SOAR
• Data Feed plugin for Splunk
• AbuseIPDB Threat Service
• Have I Been Pwned Threat Searcher
• McAfee TIE Threat Searcher
• RiskIQ PassiveTotal
• ShadowServer Threat Service
• URLScan IO Threat Searcher