|
Logo
|
IBM Product |
App Name |
Description |
Notes |
URL |
 |
QRadar SIEM |
IBM QRadar Security Threat Monitoring Content Extension |
Additional rule content focusing on threat indicators and threat intelligence feed integration. |
Updated rule: "New High Priority Target Detected",Updated the following widgets on the Attack surface management dashboard : New High Risk Targets Widget and High Risk Targets-Pie Widget |
Link |
 |
QRadar SIEM |
Netskope Security Cloud DSM |
The Netskope security cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud. |
Added support for CTEP Alert and Incident Event.,Added CEPs to extract new Webtx formats. |
Link |
 |
QRadar SIEM |
ITS Userventory Light - QRadar v7.3.3FP6+/7.4.1FP2+ |
Compile all your corporate user accounts into a single view for easy lookups during audits or incident investigations |
|
Link |
|
QRadar SIEM |
QRadar Pulse - QRadar v750UP3+ |
Take the pulse of your network vulnerabilities with our new dashboard app. |
Security vulnerability fixes |
Link |
 |
QRadar SOAR |
MISP |
Creates Events, Attributes and Sightings in MISP from incidents and artifacts in SOAR |
Bug fix for selftest.,Updated code to use latest MISP format.,Removed rules/workflows and added playbooks. |
Link |
 |
QRadar SOAR |
ISC SANS |
Perform an IP address scan and gather all associated data from the Internet Storm Center database. |
|
Link |
 |
QRadar SOAR |
EclecticIQ Intelligence Center Integration for QRadar SOAR |
Integration provides support for EclecticIQ Threat Intelligence Platform software as a Custom Threat Service component. |
Added compatibility with EclecticIQ Intelligence Center version 3.,Users can now use Intelligence Center API tokens to authenticate. |
Link |
|
QRadar SIEM |
IBM QRadar Content Extension for Sysmon |
Detects advanced threats in Windows endpoints using Sysmon logs. |
Updated expression for custom property "Image" to more effectively match target strings. |
Link |
 |
QRadar SIEM |
Nozomi Networks Universal - QRadar v7.5.0+ |
The Nozomi Networks Universal app empowers the QRadar user with the data coming from a Sensor or Vantage. |
|
Link |
 |
QRadar SIEM |
Flowmon QRadar App - 7.4.2 Patch 3 |
Flowmon Application for QRadar is an extension connecting IBM QRadar with events and flows from Flowmon Solution. |
|
Link |
 |
QRadar SIEM |
Flowmon ADS Content Pack |
An extension providing customized DSM (Log Source Extension) and set of correlation rules. |
Support of new Flowmon ADS detection methods including correlations.,Added IPv6 parsing. |
Link |
|
QRadar SIEM |
IBM QRadar Endpoint Content Extension |
QRadar extension pack for Endpoint Exploit Behavior |
Updated Service Configured to Use a Pipe rule |
Link |
|
QRadar Suite UAX |
Sysdig Universal Data Insights Connector |
Run QRadar Suite federated investigations against Sysdig |
|
Link |
 |
QRadar SIEM |
QDATA LDAP Data Enrichment - QRadar v7.3.3FP6+/7.4.1FP2+ |
QDATA syncs QRadar Reference Sets and Tables content with information from Active Directory/any LDAP-based storage |
Retry Limit parameter added,Stability fixes |
Link |
 |
QRadar SIEM |
Claroty xDome DSM |
Claroty xDome DSM enables IBM QRadar to parse communication events and alerts into relevant fields. |
Mapped Claroty’s xDome data of Servers and interface incidents, Change log of Device Changes alerts, and more Alert types.,The mapping includes custom fields of incidents, such as Interface Name, and custom fields of Change Log, such as Change Alerted Attribute.,Added events and alerts fields of OT Activity field, Event Extra Info fields (such as Other Device Asset ID and Other Device IP), End of Life fields, and Device change fields. |
Link |
 |
QRadar SOAR |
Palo Alto Networks Panorama Integration for SOAR |
Integration to allow communications from SOAR to Panorama. |
Convert from rules/workflows to playbooks,Updated Panorama api version to v9.1 |
Link |
 |
QRadar SOAR |
McAfee ePO Integration for SOAR |
The McAfee ePO functions allow for manipilation of tags, systems, users, issues, policies and permission sets on the McA |
Convert from rule/workflows to playbooks |
Link |
 |
QRadar SIEM |
QRadar Use Case Manager - QRadar 7.5.0+ |
Manage and tune the use cases in your environment and assess your security posture with the MITRE ATT&CK Framework. |
Added support for MITRE ATT&CK v14.1.,Updated packages with known vulnerabilities.,QRadar Use Case Manager is now only supported on QRadar 7.5.0 or later. |
Link |
 |
QRadar SOAR |
Utility Functions for SOAR |
Useful workflow functions for common automation and integration activities in the SOAR platform |
Remove rest_header from logs in fn_call_rest_api,This app is now deprecated. See replacement apps listed below. |
Link |
 |
QRadar SOAR |
Data Feeder ODBC Plugin for SOAR |
This extension allows you to maintain "replica" data for SOAR system data using ODBC-based databases. |
Support for task notes. Better error handling for incident and attachment conditions. Retry logic added when db updates fail.,Sync Incidents now uses a playbook. |
Link |
 |
QRadar SOAR |
Rapid7 InsightIDR for SOAR |
This app allows bi-directional synchronization between Rapid7 InsightIDR investigations and IBM SOAR incidents/cases. |
|
Link |