Logo
|
IBM Product |
App Name |
Description |
Notes |
URL |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/c7b0bd3cdbe132ea41561a84fa9cd688/ibmextensionlogo200x72.png) |
QRadar SIEM |
IBM QRadar Security Threat Monitoring Content Extension |
Additional rule content focusing on threat indicators and threat intelligence feed integration. |
Updated rule: "New High Priority Target Detected",Updated the following widgets on the Attack surface management dashboard : New High Risk Targets Widget and High Risk Targets-Pie Widget |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/3c42755b733799db227bdf40a25e1182/New_200x72_.png) |
QRadar SIEM |
Netskope Security Cloud DSM |
The Netskope security cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud. |
Added support for CTEP Alert and Incident Event.,Added CEPs to extract new Webtx formats. |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/dce081d79ede0e35ff49c18e4e8effa6/userventory-logo-small.png) |
QRadar SIEM |
ITS Userventory Light - QRadar v7.3.3FP6+/7.4.1FP2+ |
Compile all your corporate user accounts into a single view for easy lookups during audits or incident investigations |
|
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/c7b0bd3cdbe132ea41561a84fa9cd688/ibmextensionlogo200x72.png) |
QRadar SIEM |
QRadar Pulse - QRadar v750UP3+ |
Take the pulse of your network vulnerabilities with our new dashboard app. |
Security vulnerability fixes |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/6f0dcc13d7881e6ab471f0f6e2c8a92a/misp_app_logo.png) |
QRadar SOAR |
MISP |
Creates Events, Attributes and Sightings in MISP from incidents and artifacts in SOAR |
Bug fix for selftest.,Updated code to use latest MISP format.,Removed rules/workflows and added playbooks. |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/3d84c3be3640011143bede8ba48396b8/app_logo.png) |
QRadar SOAR |
ISC SANS |
Perform an IP address scan and gather all associated data from the Internet Storm Center database. |
|
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/4b5aa8d6a1bb0e6c0e42f64dcade081a/logo.png) |
QRadar SOAR |
EclecticIQ Intelligence Center Integration for QRadar SOAR |
Integration provides support for EclecticIQ Threat Intelligence Platform software as a Custom Threat Service component. |
Added compatibility with EclecticIQ Intelligence Center version 3.,Users can now use Intelligence Center API tokens to authenticate. |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/c7b0bd3cdbe132ea41561a84fa9cd688/ibmextensionlogo200x72.png) |
QRadar SIEM |
IBM QRadar Content Extension for Sysmon |
Detects advanced threats in Windows endpoints using Sysmon logs. |
Updated expression for custom property "Image" to more effectively match target strings. |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/347c4db12ac2f6768f2d7442a87805c9/Extension-logo.png) |
QRadar SIEM |
Nozomi Networks Universal - QRadar v7.5.0+ |
The Nozomi Networks Universal app empowers the QRadar user with the data coming from a Sensor or Vantage. |
|
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/85b455df1ad5bf49f72117b2210642fa/Progress-Flowmon-Primary-Logo-gray-200x72.png) |
QRadar SIEM |
Flowmon QRadar App - 7.4.2 Patch 3 |
Flowmon Application for QRadar is an extension connecting IBM QRadar with events and flows from Flowmon Solution. |
|
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/7c31bfe7f06dea8792a8a82cde430007/Progress-Flowmon-Primary-Logo-gray-200x72.png) |
QRadar SIEM |
Flowmon ADS Content Pack |
An extension providing customized DSM (Log Source Extension) and set of correlation rules. |
Support of new Flowmon ADS detection methods including correlations.,Added IPv6 parsing. |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/c7b0bd3cdbe132ea41561a84fa9cd688/ibmextensionlogo200x72.png) |
QRadar SIEM |
IBM QRadar Endpoint Content Extension |
QRadar extension pack for Endpoint Exploit Behavior |
Updated Service Configured to Use a Pipe rule |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/c7b0bd3cdbe132ea41561a84fa9cd688/ibmextensionlogo200x72.png) |
QRadar Suite UAX |
Sysdig Universal Data Insights Connector |
Run QRadar Suite federated investigations against Sysdig |
|
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/5c4e92a24f01b3cb3303fee7af5db09b/QDATA_market_logo.png) |
QRadar SIEM |
QDATA LDAP Data Enrichment - QRadar v7.3.3FP6+/7.4.1FP2+ |
QDATA syncs QRadar Reference Sets and Tables content with information from Active Directory/any LDAP-based storage |
Retry Limit parameter added,Stability fixes |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/8f5588499e935884d219b1bdf2edf692/claroty_logo1.png) |
QRadar SIEM |
Claroty xDome DSM |
Claroty xDome DSM enables IBM QRadar to parse communication events and alerts into relevant fields. |
Mapped Claroty’s xDome data of Servers and interface incidents, Change log of Device Changes alerts, and more Alert types.,The mapping includes custom fields of incidents, such as Interface Name, and custom fields of Change Log, such as Change Alerted Attribute.,Added events and alerts fields of OT Activity field, Event Extra Info fields (such as Other Device Asset ID and Other Device IP), End of Life fields, and Device change fields. |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/e52c179cfefe05a9d4ff7c6627de084b/app_logo.png) |
QRadar SOAR |
Palo Alto Networks Panorama Integration for SOAR |
Integration to allow communications from SOAR to Panorama. |
Convert from rules/workflows to playbooks,Updated Panorama api version to v9.1 |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/7f4a228e9ca6eabf68fa80841cd0df3b/app_logo.png) |
QRadar SOAR |
McAfee ePO Integration for SOAR |
The McAfee ePO functions allow for manipilation of tags, systems, users, issues, policies and permission sets on the McA |
Convert from rule/workflows to playbooks |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/cdae07e7d32992bb51528e0b12be5d72/ExtensionLogo200x72.png) |
QRadar SIEM |
QRadar Use Case Manager - QRadar 7.5.0+ |
Manage and tune the use cases in your environment and assess your security posture with the MITRE ATT&CK Framework. |
Added support for MITRE ATT&CK v14.1.,Updated packages with known vulnerabilities.,QRadar Use Case Manager is now only supported on QRadar 7.5.0 or later. |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/d2ae39db9f2942f584930c2f31ef6089/app_logo.png) |
QRadar SOAR |
Utility Functions for SOAR |
Useful workflow functions for common automation and integration activities in the SOAR platform |
Remove rest_header from logs in fn_call_rest_api,This app is now deprecated. See replacement apps listed below. |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/2b39397c032994a74823945ecfac5b62/data_feeder.png) |
QRadar SOAR |
Data Feeder ODBC Plugin for SOAR |
This extension allows you to maintain "replica" data for SOAR system data using ODBC-based databases. |
Support for task notes. Better error handling for incident and attachment conditions. Retry logic added when db updates fail.,Sync Incidents now uses a playbook. |
Link |
![Extension Icon](https://exchange.xforce.ibmcloud.com/api/hub/extensionsNew/86266842e4b0f6538b2b7bf02353b81d/rapid7_insightidr..png) |
QRadar SOAR |
Rapid7 InsightIDR for SOAR |
This app allows bi-directional synchronization between Rapid7 InsightIDR investigations and IBM SOAR incidents/cases. |
|
Link |