Getting Started

The topics in this web site discuss the methods you can use to develop apps that can integrate the IBM Resilient SOAR Platform into your environment to meet your Security, Orchestration and Response (SOAR) goals. The details of writing code are covered in the developer guides.

Before you write your own, review the apps in the IBM Security App Exchange for one that fits your needs. There are a significant number of Resilient apps ready for use today.

Here is one example of existing apps that integrate the Resilient platform into a security environment:

Before starting, you need to know these terms:

  • A Resilient app, formerly called extension or integration, is a collection of playbook components, code executables or both that represent an end-to-end function that customize and enhance the Resilient product capabilities.
  • A playbook component is a Resilient rule, workflow, Python script, function, custom field, data table or message destination. You create these components in the Resilient platform.
  • A code executable is remote code you provide that can access and return external data, interact or integrate with other security systems, or simply be a utility that performs a specific action.

Make sure to keep up with the latest announcements and events: