Technology Partners and IBMers can submit QRadar extensions to the IBM Security App Exchange portal to start the review process. Content posted on the IBM Security App Exchange will go through a validation process, as all applications and content extensions are reviewed by IBM QRadar quality teams. For more information, see Getting Started with Developing Your QRadar Extension for the steps needed to submitting your extension for validation and publication.

IMPORTANT: If you are not a Technology Partner (Business Partner) or an IBM employee, you cannot submit applications to the IBM Security X-Force App Exchange at this time. This functionality might become available in the future, but at this time all application and content submissions are restricted to partners and employees. We encourage administrators who write their own apps to feel free to use these apps in their own deployments. In the future when app submission becomes global for all users, it will be announced on this site.

You will be asked to provide a set of material, along with your extension code. Please see below for the type of material you will be asked to provide. You will also need to sign and package your content. Once you have gathered this material, you can request access to the IBM Security App Exchange portal to submit this material and schedule a validation test.

Required Collateral for Submitting Your Extension for Validation

Your Application and Extensions

  • Code
  • Rules
  • Reference Sets
  • Custom Properties

Application Information

  • Application Version/Release/Modification Numbers
  • Short Description
  • Long Description
  • State the minimum version your extension can run on (QRadar 7.2.6 is lowest release that you can use)Your application must be exported from the minimum supported QRadar version
  • Support Information
    Support Email or URL for your extension users to use
  • Indicate if your extension requires Internet access
  • Indicate if your extension contains encryption functionality or cyptography

Application Documentation

  • Documentation
    (PDF or URL link to user documentation for your extension)
  • Graphics
    • 100*100 px .png – Your Company Logo
    • 200*72   px .png – Your Extension Log
    • Screenshots to show your extension displays in QRadar (min 1280*720 px png or jpg)
  • Brief Video

Application Metadata

  • Content Type
  • Industry Categories
  • Tag Words
  • Security Product Categories

Application License File

  • We will use Apache License if you do not provide one for your QRadar extension

Legal Document Signed

  • This legal document provides the ability for IBM to post your extension on the IBM Security Exchange

Sign your Application

You must obtain an IBM certification file and sign your application, and package it prior to submitting to the IBM Security App Exchange.

Test information

You are required to provide as much test information as possible to enable us to effectively test your extension. You can include a video, screenshots, .doc, .pdf, or add text in the portal. Useful test data must be submitted in order to prevent delays in validation: connection information to systems, demo video if we can’t connect to systems, system logs or whatever. Or arrange a demo with the validation team

    Useful test information typically includes:
  • Steps to install your extension for QRadar SIEM
  • Step through the configuration of your extension, including the connection of your extension to QRadar (if required for your QRadar application) and any other connections that the extension will use.
  • Walk-through each of the use cases of your QRadar extension and show the resulting screens with data.
  • Examples of your dashboard with data populated
  • Examples of any right-click menus and resulting screen that gets launched
  • Examples of any toolbar buttons and mouse-over fields or hover text
  • Show any updated incidents/events in QRadar where you have added additional content information

For more information