Features and enhancements in IBM Security QRadar SOAR Platform 51.0.0.0

IBM Security QRadar SOAR Platform 51.0.0.0 includes new features in the App Host as well as updates to the SOAR Breach response add-on privacy module.

Change to product version schema

This release includes a new versioning format for the IBM Security QRadar SOAR Platform. The software product versioning is based on the IBM Version, Release, Modification and Fix (VRMF) schema.

The versioning is based on the principles of semantic versioning:
  • V - Version - Identifies and indicates a significant architectural change, significant new code, new function or separate IBM licensed program.
  • R - Release - Release within the version (V).
  • M - Modification - A refresh also referred to as a Mod Pack or Refresh Pack. This might indicate new code, new function or new features.
  • F - Fixes - fixes to defects and security vulnerabilities.
.

App Host updates

Migrate App Hosts
You can now migrate your App Hosts to different appliances, such as from a Red Hat® Enterprise Linux® 7 appliance to a Red Hat Enterprise Linux 8 appliance.
For more information, see New in 51.0.0.0 Migrating App Hosts between appliances.
Updated installation options for cluster CIDR and service CIDR
There are new options for cluster CIDR and service CIDR when installing the App Host.
For more information, see Changed in 51.0.0.0 Installing the virtual appliance and Changed in 51.0.0.0 Installing the App Host stand-alone software.

Playbooks dashboard

A new Playbook Instances tab is added to the Playbooks dashboard. The new tab shows instances of running playbooks over time.

From the Playbook Instances tab, you can view instances of running playbooks or playbooks that have completed. For more information, see Changed in 51.0.3.0 Viewing playbook instances.

PostgreSQL upgrade

The database used by the IBM Security QRadar SOAR Platform is upgraded from PostgreSQL 12 to PostgreSQL 14.

New rich text editor

The default rich text editor is replaced with an editor that provides better capabilities. You can use the new editor in fields such as description fields, notes, and the wiki.

The new editor provides enhanced capabilities, such as support for tables. For more information about the wiki, see SOAR Wiki and Resource Library.

Mandiant Threat Intelligence is removed

Mandiant Threat Intelligence is removed from default threat sources.

To use Mandiant, you can download the Mandiant Threat Intelligence app for the IBM Security QRadar SOAR Platform from the IBM Security App Exchange.