Features and enhancements in IBM Security QRadar SOAR Platform 51.0.2.0
IBM Security QRadar SOAR Platform 51.0.2.0 includes new features and updates to the SOAR Breach response add-on privacy module.
Certificate validation for email connections
When configuring inbound email connections, you can choose between a client secret or certificate validation for the OAuth protocol.
For more information, see Configuring an inbound email connection.
Run actions permission
A new permission under Incident Permissions controls if a user can invoke actions on an object type. This new permission, Run Actions, enables users who do not have the Edit Incident permission to make changes to an incident by running a playbook, workflow, or rule that modifies the incident.
Users without Edit Incident permissions cannot directly make any changes to incidents. However, they can run playbooks that can modify the incident, as these are predefined operations on the incident. Playbooks, designed by playbook designers, specify what can be changed on an incident. The new Run Actions permission only enables the user to execute previously designed playbooks.
For more information about incident permissions, see Categories.
pgBackRest enhancements
You can now run the resExpireBackup
command without any parameter. When you run
resExpireBackup
without a parameter, the system keeps only the latest full backup
set (one full backup plus its incremental backup files). WAL archives for the previous backup set
are also removed.