IBM Security QRadar SOAR

This section contains all of the information to administer and use IBM® Security QRadar SOAR Case Management and Orchestration & Automation on IBM Cloud Pak for Security.

Overview

IBM Security QRadar SOAR comprises the Case Management and Orchestration & Automation applications. Case Management provides organizations with the ability to track, manage, and resolve cybersecurity incidents. Orchestration & Automation, which requires a license, provides advanced capabilities to orchestrate and automate response plans.

This collection contains the following product documentation, which you can access in the table of contents. In this documentation, the terms cases and incidents are often used interchangeably.
  • What’s new. A list of new features and enhancements.
  • Getting started. If you are unfamiliar with IBM Security Orchestration & Automation, read this guide first for an overview of the application capabilities, types of personas or roles, and relevant documentation.
  • System administrator. Provides the information to configure and maintain the administrative part of the application. This includes managing users, groups, and roles, and more.
  • Playbook designer. The guides in this section provide the information to create and manage playbooks. It includes the information for creating an integration server which you use to deploy Python-based extensions to expand the scope of the Orchestration & Automation application in your environment.
  • Case management team. Provides information for users involved with case and incident response. This includes managing cases, responding to tasks, performing statistical analysis, and more.
  • Apps. This section provide the procedures to install and deploy an App Host, required to run apps. It also includes the procedures to create an integration server which you can use to deploy apps in the earlier extension format.
  • Tutorials. This section provides detailed information on how to configure the application, for example, how to configure Orchestration & Automation to consume inbound emails end-to-end.

Support

For support, visit https://ibm.com/mysupport.