IBM Support

Publishing Your Extension

General Page

Technology Partners and IBMers can submit QRadar extensions to the IBM Security App Exchange portal to start the review process. Content posted on the IBM Security App Exchange will go through a validation process, as all applications and content extensions are reviewed by IBM QRadar quality teams.
QRadar App Development

Publishing Your Extension

Technology Partners and IBMers can submit QRadar extensions to the IBM Security App Exchange portal to start the review process. Content posted on the IBM Security App Exchange will go through a validation process, as all applications and content extensions are reviewed by IBM QRadar quality teams. For more information, see Getting Started with Developing Your QRadar Extension for the steps needed to submitting your extension for validation and publication.

IMPORTANT: If you are not a Technology Partner (Business Partner) or an IBM employee, you cannot submit applications to the IBM Security X-Force App Exchange at this time. This functionality might become available in the future, but at this time all application and content submissions are restricted to partners and employees. We encourage administrators who write their own apps to feel free to use these apps in their own deployments. In the future when app submission becomes global for all users, it will be announced on this site.

Before Submitting Your Extension

Sign your Application

You must obtain an IBM certification file and sign your application, and package before submitting to the IBM Security App Exchange.

Pre-Validate your Application

Before you submit your app to the App Exchange Submission Portal it must pass the Pre-Validation App.

Application Security

During validation your extension will be reviewed for security. The vast majority of security concerns are for extensions containing QRadar apps

Required Collateral for Submitting Your Extension for Validation

You will be asked to provide a set of material, along with your extension code. Please see below for the type of material you will be asked to provide. You will also need to sign and package your content. Once you have gathered this material, you can request access to the IBM Security App Exchange portal to submit this material and schedule a validation test.

Your Application and Extensions

  • Code
  • Rules
  • Reference Sets
  • Custom Properties

Application Information

  • Application Version/Release/Modification Numbers
  • Short Description
  • Long Description
  • State the minimum version your extension can run on (QRadar 7.2.6 is lowest release that you can use). Your application must be exported from the minimum supported QRadar version
  • Support Information
    Support email or URL for your extension users to use
  • Indicate if your extension requires Internet access
  • Indicate if your extension contains encryption functionality or cryptography

Application Documentation

  • Documentation
    (PDF or URL link to user documentation for your extension)
  • Graphics
    • 100*100 px .png - Your company logo
    • 200*72 px .png - Your extension log
    • Screen captures to show your extension display in QRadar (min 1280*720 px png or jpg)
  • Brief Video

Application metadata

  • Content Type
  • Industry Categories
  • Tag Words
  • Security Product Categories

Application license file

  • We will use Apache license if you do not provide one for your QRadar extension

Legal Document Signed

  • This legal document provides the ability for IBM to post your extension on the IBM Security Exchange

Test information

You are required to provide as much test information as possible to enable us to effectively test your extension. You can include a video, screenshots, .doc, .pdf, or add text in the portal. Useful test data must be submitted in order to prevent delays in validation: connection information to systems, demo video if we can't connect to systems, system logs or whatever. Or arrange a demo with the validation team

  • Useful test information typically includes:
  • Steps to install your extension for QRadar SIEM
  • Step through the configuration of your extension, including the connection of your extension to QRadar (if required for your QRadar application) and any other connections that the extension will use.
  • Walk through each of the use cases of your QRadar extension and show the resulting screens with data.
  • Examples of your dashboard with data populated
  • Examples of any right-click menus and resulting screen that gets launched
  • Examples of any toolbar buttons and mouse-over fields or hover text
  • Show any updated incidents/events in QRadar where you have added additional content information

[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwt3AAA","label":"QRadar Apps"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]

Document Information

Modified date:
16 March 2022

UID

ibm16256060

Page Feedback