• Last Updated
    Aug 23, 2024
  • Version
    1.0.0
  • Compatibility
    ThreatQ Versions >= 5.0.0
  • IBM QRadar Action

    ThreatQuotient

    Overview

    The IBM QRadar Action for ThreatQ allows an analyst to query IBM QRadar for more information about a given IOC.

    The integration provides the following action:

    • IBM QRadar Action - performs a lookup within QRadar to find logs related to an indicator.

    The action is compatible with the following indicator types:

    • Email Address
    • FQDN
    • IP Address
    • URL

    The action returns enriched system indicator and event object types.

    Note:  This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.

    Copyright © 2025, ThreatQuotient, Inc. All Rights Reserved. Privacy Policy