Integrations for IBM Security QRadar SOAR
IBM Security® QRadar® SOAR integrations are part of an open integration framework and supported by IBM and leading security companies
Visit the IBM Security App Exchange Request a demo of QRadar SOAR
Illustration of purple, blue, light blue discs stacked horizontally
Empower security teams to be more efficient

Bring together people, processes and technologies to speed up threat enrichment, investigation and response. QRadar SOAR has hundreds of enterprise-grade, bidirectional integrations with third-party security solutions as well as broader IT and DevOps tools such as Red Hat® Ansible®.

Installation and deployment of applications only takes minutes with AppHost, QRadar SOAR’s integration infrastructure that containerizes integrations and brings integration management into the web user interface.

QRadar SOAR helps make security alerts instantly actionable. With the SOAR solution, analysts can use dynamic playbooks for a step‑by‑step guided response while improving collaboration and accelerating response times.

Get value from day 1
How we help businesses succeed 270+  

Over 270 integrations on the IBM App Exchange



7 times faster response possible with dynamic playbooks



More than 190 technical alliance program partners


Benefits Leverage the breadth of the ecosystem

Use hundreds of no-cost integrations and content packs available on the IBM Security App Exchange, including the industry’s most widely-adopted security solutions.

Accelerate incident response

Automate security actions with third-party tools and perform threat enrichment on incidents before security analysts begins their work.


Maximize your team's talent and skills

Eliminate the need to learn new security tools. Use your existing tech stack by connecting your own tools and hundreds of integrations from the IBM App Exchange.


Security intelligence and event management (SIEM)

Use either IBM or third-party SIEM applications with QRadar SOAR to escalate and manage cases seamlessly.

Search the application directory Splunk

Provides automatic and manual escalation of Splunk alerts and notable events to the QRadar SOAR Platform, along with easy incident mapping.

QRadar SOAR add-on for Splunk
Microsoft Azure Sentinel

Allows bidirectional synchronization between QRadar SOAR and Microsoft Azure Sentinel. Sentinel entities are exposed as artifacts for further investigation.

Microsoft Azure Sentinel for QRadar SOAR
Endpoint detection and response (EDR)

Use either IBM or third-party EDR applications with QRadar SOAR to escalate cases originating from users, endpoint devices and IT assets.

Search the application directory Cybereason

Uses the power of the Cybereason Platform within QRadar SOAR. Automatically import high fidelity alerts, investigate and respond to incidents within the SOAR workflow. 

Cybereason Endpoint Protection Platform

Imports CrowdStrike Detections or indicators of compromise (IOCs) into QRadar SOAR, so you can automate your security playbooks and view a wide range of incidents.

CrowdStrike Falcon Insight and Threat Intel
IBM Security® QRadar® EDR

Allows bidirectional synchronization of QRadar EDR, formerly ReaQta, alerts to QRadar SOAR. Additional functions include list and kill endpoint processes, isolate the endpoint, synchronize notes and close events.

QRadar EDR for QRadar SOAR
Collaboration and IT service management (ITSM)

Use either IBM or third-party collaboration and ITSM applications to enhance communication and coordination with QRadar SOAR.

Search the application directory Slack

Enables Incident, Note, Artifact, Task and Attachment data to be shared in Slack. 

Slack Integration for QRadar SOAR
Microsoft Teams

Supports posting incident data messages to Microsoft Teams channels in the MessageCard format.

Microsoft Teams for QRadar SOAR

Allows for the tracking of QRadar SOAR Incidents and Tasks as Jira Issues with bidirectional links for easy navigation.

Atlassian Jira Functions for QRadar SOAR
The power of SIEM plus SOAR
Combine intelligence and insights with automation and integration Together, IBM Security® QRadar® SIEM and QRadar SOAR deliver end-to-end threat management that can accelerate incident response by combining accurate threat detection, case management, orchestration and automation, plus artificial and human intelligence. QRadar SOAR offers case management, dynamic playbooks with customizable and automated workflows, and a robust ecosystem of third-party integrations that let analysts use information from QRadar SIEM and efficiently respond to incidents.
IBM Security integrations

IBM Security QRadar SOAR supports integrations with offerings from the IBM Security portfolio.

Search the application directory IBM Security® QRadar® SIEM

Threat detection and prioritization for real-time visibility.

Explore QRadar SIEM
IBM Security® Guardium®

Suite for data encryption, management and simplified compliance.

Explore Guardium
IBM Security® Verify

Identity, authentication and access control software.


Explore Verify
IBM Security® MaaS360®

Unified endpoint management for mobile workforces.

Explore MaaS360
IBM Security® X-Force®

Build and manage an integrated IT security program.

Explore X-Force
Validated and supported applications

There are hundreds of applications and add-ons available that are fully supported by IBM or trusted partners and ready for you to use.


Explore the IBM Security App Exchange
Community applications

Developed by customers, partners or IBM services organizations, these applications undergo functional and security testing before getting published. They are supported through the IBM Security QRadar SOAR user community.

Visit the QRadar SOAR community

Integrating seamlessly with existing tools

Facing new regulatory deadlines, businesses need to report and respond to security breaches more rapidly than ever before. With the QRadar SOAR Platform, Secure-24 boosted the speed and flexibility of its investigative team to provide even faster—but still highly reliable and auditable—support during stressful security events.

Secure-24 improves incident response Learn how
Take the next step

Schedule time to speak with an expert or view integrations on the IBM Security App Exchange.

Explore the IBM App Exchange