IBM Security SOAR

Welcome to the IBM Security SOAR User Community
Join us to learn more from a community of collaborative experts, who will help you take full advantage of the most advanced, battle-tested SOAR technology. IBM Security SOAR is the leading technology for orchestrating and automating incident response processes. Collaborate, communicate, and contribute solutions with like-minded Resilient users right here.

As a member of this online user community, you gain:

  • Direct engagement with IBM subject matter experts
  • Tips and tricks from your industry peers
  • News, announcements, and enhancement details

You’ll also get information regarding our regional and virtual user group meetings, upcoming webinars, how-to blogs, and training. We invite you to participate and ask that you contact with any questions.

IBM Security SOAR Resources

Search Group

Latest Blogs

  • IBM SOAR (Resilient) Customer Support and IBM Security Learning Services and have teamed up to bring you Troubleshooting and Best Practices for IBM App Host for IBM Security SOAR Open Mic web seminar. This live event will be held on Thursday May 13 ...

  • Following the announcement that IBM Resilient is renamed IBM Security SOAR, I wanted to explain a difference customers should be aware of when raising cases with the support team. When navigating the IBM support portal ( ...

  • Overview The v38.2 release of Resilient SOAR includes the new Python 3 scripting feature which enables security developers to create Python 3 scripts as a part of an incident or case response right in the UI. Scripting in Resilient is not new and until ...

    1 person recommends this.
  • Overview The v39.0.226 release of the Resilient SDK brings about a number of new features and improvements. Included with this is the release of its clone command which represents the finished migration of the command from the resilient-circuits package. ...

  • We are pleased to announce the general availability of the Artifacts Management , IBM Security SOAR’s new artifacts-centric view that allows your security team to triage, investigate, and remediate incidents faster. This new aggregated view provides ...

    2 people recommend this.

Latest Files

Join the Discussion

  • Posted in: IBM Security SOAR

    Hi Pawet, The first place you're going to start is configuring your app.config file with the Microsoft Teams' webhooks. Each webhook will refer to a different channel for sending messages. You will label your channels in any meaningful way for your ...

  • Posted in: IBM Security SOAR

    Condition points are currently being worked on and should appear in the product shortly. You are correct in that Playbooks are not yet at feature parity with workflows. Ben ------------------------------ Ben Lurie ------------------------------

  • Posted in: IBM Security SOAR

    Hi Brian, Here's one that sounded like it might meet your needs, though I suspect you want something more permanent ? ------------------------------ Martin Feeney Product Manager, IBM ...

  • Posted in: IBM Security SOAR

    Hello! Looking to move my rules / workflows over to the new Playbooks feature added in v 40.2.73. I'd like to consolidate some of the rules into one playbook; however, I'm not able to add the 'conditional point' in the Decisions Point section of the playbook ...

  • Posted in: IBM Security SOAR

    Hi Chuck, We used the color themes as a way to make it obvious if we were in our production environment (vs development). So I wouldn't say we care about the light color theme going away, but we would like a way to make the development environment visually ...