IBM Security QRadar SOAR

 View Only

Announcing our QRadar SOAR Plugin v4.1 Release

By Nicholas Barrett posted Tue October 04, 2022 01:52 PM

Hello SOAR community! I'm writing this blog to share some the latest updates around our QRadar SOAR Plugin v4.1 integration, updated on September 29, 2022, and available on the IBM App Exchange here
Integrating QRadar SIEM with QRadar SOAR empowers SOC analysts to simplify and streamline the process for the escalation and management of cases. As offenses are escalated from QRadar SIEM into QRadar SOAR, the platform generates a detailed, incident-specific response plan that enables team members to respond and remediate quickly. This integration aligns with our commitment to a more efficient analyst experience. 
In QRadar Plugin v4.1, we've included updates to support multi-tenancy, as well as support for Org Name for CP4S MSSP (versus the original AccountID field). This is now consistent with QRadar SOAR standalone and simplifies the mapping process. In addition, we've added the choice of fields for Auto Escalation conditions.

To expand on our multi-tenancy capabilities, QRadar plugin v4.1 now allows users to run multiple instances of QRadar Plugin within the same Qradar SIEM. The value of this multi-tenancy capability allows users can now connect to different SOAR instances, or the same SOAR instance with different organizations, from the same QRadar SIEM. With regard to the auto escalation conditions, users have more options on offense fields that they can define rules on for escalation. 
We look forward to hearing any feedback from our Security Community members and appreciate your ongoing relationship with QRadar SOAR.