IBM Security SOAR

 View Only

Welcome to the IBM Security SOAR User Community
Join us to learn more from a community of collaborative experts, who will help you take full advantage of the most advanced, battle-tested SOAR technology. IBM Security SOAR is the leading technology for orchestrating and automating incident response processes. Collaborate, communicate, and contribute solutions with like-minded Resilient users right here.

As a member of this online user community, you gain:

  • Direct engagement with IBM subject matter experts
  • Tips and tricks from your industry peers
  • News, announcements, and enhancement details

You’ll also get information regarding our regional and virtual user group meetings, upcoming webinars, how-to blogs, and training. We invite you to participate and ask that you contact with any questions.

IBM Security SOAR Resources

Search Group

Latest Blogs

  • Our following Python Libraries have been updated to version 43.1.2656 : ...

    1 person recommends this.
  • We have previously communicated changes in VirusTotals license terms and of our intention to adhere to those terms and its impact on current public API key usage. ...

  • Hi all, This post aims to share the new feature we made in the v43 version of SOAR to allow Functions to be able to publish updates to the Artifacts listed in the Incident. It provides the capability to extract a table from the built-in or custom Threat ...

    4 people recommend this.
  • This guide shows a quick and simple way to integrate your IBM SOAR with Forcepoint SMC in order to manipulate firewall IP List objects via REST APIs. The use case chosen for this integration blocks IP artifacts on Forcepoint NGFW. This use case can be ...

    2 people recommend this.
  • Earlier this year, VirusTotal changed their license terms ( A consequence of which, is that Public API keys are now limited to 500 queries per day. As our service deals with this you ...

    3 people recommend this.

Join the Discussion

  • Posted in: IBM Security SOAR

    HI All, I reverted my Master and DR snapshot and saw this message when doing "sudo resDrStatus" Postgresql Replication Status: Not running, Retained transactions=33495984 bytes File Replication Status: Running (Synced) Both postgresql-9.6 and resilient-filesync ...

  • Posted in: IBM Security SOAR

    Hi. I have a doubt about the sizing of SOAR (CPU/Mem/etc) and its performance. I was running some very basic tests here, using jmeter, to create incidents via REST and processing a simple python script for each one. My feeling is that increasing ...

  • Posted in: IBM Security SOAR

    The data context of an Email parsing script does not have a top-level object called 'incident'. This code finds the incidents you are interested in: incidents = helper.findIncidents(query) if len(incidents) == 0:"Incident Not Found") else: ...

  • Posted in: IBM Security SOAR

    I haven't used the app so you can take my words in that light.... The docs indicate that the app connects to JIRA using the JIRA url using either AUTH or BASIC: It looks like this app uses this python library: So you ...

  • Posted in: IBM Security SOAR

    Thank you both for your replies! ​ ------------------------------ Liam Mahoney ------------------------------