Skip to Main Content
IBM Security Ideas Portal

Shape the future of IBM Security

We invite you to shape the future of IBM, including the product roadmap, by submitting enhancement ideas that matter to you the most.

Here's how it works:

Post your ideas

Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and vote for them if they matter to you,

  1. Post an idea

  2. Vote for ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea

Help IBM prioritize your ideas and requests

The IBM team may need your help to refine the ideas so they may ask for more information or feedback. The offering manager team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at IBM works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.

Receive notification on the decision

Some ideas can be implemented at IBM, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.

Post an Idea

To post a new idea - click on the "Add a new idea" button and where asked select the appropriate category this idea relates to. Provide requested information to allow us to get a better understanding of your request.

"Missing" Security Products?

If you cannot find the IBM Security product you are looking for then it is probably located in the IBM Security Private Ideas Portal. Check that site to open an idea.

Idea visibility

All ideas submitted via this portal are visible to all other portal users, though personal information fields remain hidden. If you would rather have your idea visible to only you and IBM then use the IBM Security Private Ideas Portal instead.

Please note: The purpose of the Ideas Portal is to tap the creativity of the IBM Security community so that we can enhance our products for everyone! If you need to report a defect or get help, please use our normal support channel. Click here to open a support ticket.

Want to see all of your IBM ideas in one place? Find them at



Reporting & metrics

Showing 64 of 3464
108 VOTE

Ability to Schedule Custom Reports

Ability to schedule & send out custom reports with option to filter for any fields. Example use case: Resilient to send out a daily report to each user with their open tickets, percentage of tasks completed for each ticket, days since each tic...
over 4 years ago in QRadar SOAR / Reporting & metrics 7 Future consideration

Analytics dashboard for artifacts

It should be useful , inside the analytics dashboards, to have the ability to visualize/build charts starting from artifacts statistics (how many incident involved per artifact over time, how many artifacts with a specific tag/value, etc ). Altern...
2 months ago in QRadar SOAR / Reporting & metrics 2 Under review

SLA Calculation and Reporting/ Notification

SLA Calculation and Reporting/ Notification is a very important aspects regarding IR, Resilient should have the functionality of calculating SLAs, then being able to report and then notify managers regarding SLAs valuations for an Incident.
about 3 years ago in QRadar SOAR / Reporting & metrics 2 Future consideration


In the attachments view add a date field that is modifiable, i.e. currently it shows the date the attachment is uploaded, but that ofttimes does not reflect the date that the attachment (email) is from.
8 months ago in QRadar SOAR / Reporting & metrics 2 Future consideration

Privilege sql on fields in function table QSYS2.OBJECT_PRIVILEGES

When you use the command dspobjaut in a file with 2 fields you can determinate if there is on special authorithy SQL on a field : in first field , OAOBJA is indicate 'USER DEF' and in second for exampleOAUPD whe have '/' in the function table QSYS...
about 2 months ago in QRadar SOAR / Reporting & metrics 1 Needs more information

Incident history details to be available in secondary database through data feeder

It would be good to have incident report details made available in the secondary database through data feeder. These details are useful for various reporting purposes.
over 2 years ago in QRadar SOAR / Integrations / Reporting & metrics 0 Future consideration

Incidents Export Management

Need ability to manage incidents export (excel) jobs. Today, there is no easy way to view current incident export jobs and the ability to delete/cancel an existing job that may be running long due to many reasons, e.g. user might have generated a ...
5 months ago in QRadar SOAR / Reporting & metrics 0 Future consideration

Please provide Time zone as configurable item in functions and applications

We have used Outbound Email application to send incident emails to concern team and exchange online application to query and delete the email however we have observed that these applications returns the time ins UTC time zone by default and we don...
about 2 months ago in QRadar SOAR / Reporting & metrics 1 Future consideration

World Map Geo-location Reporting

A reporting dashboard that could plot data based on Geo-location information available through internal company resources or an IP, placing data points indicating visually where incidents occur globally. This could be a static map, or interactive,...
over 4 years ago in QRadar SOAR / Reporting & metrics 2 Future consideration

Add events to audit logs when incident reports are downloaded.

Add events to audit logs when incident reports are downloaded. To allow monitoring and trackability data extraction of incidents.
7 months ago in QRadar SOAR / Reporting & metrics 3 Future consideration