Skip to Main Content
IBM Security Ideas Portal

Shape the future of IBM Security

We invite you to shape the future of IBM, including the product roadmap, by submitting enhancement ideas that matter to you the most.

Here's how it works:

Post your ideas

Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and vote for them if they matter to you,

  1. Post an idea

  2. Vote for ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea

Help IBM prioritize your ideas and requests

The IBM team may need your help to refine the ideas so they may ask for more information or feedback. The offering manager team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at IBM works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.

Receive notification on the decision

Some ideas can be implemented at IBM, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.

Post an Idea

To post a new idea - click on the "Add a new idea" button and where asked select the appropriate category this idea relates to. Provide requested information to allow us to get a better understanding of your request.

"Missing" Security Products?

If you cannot find the IBM Security product you are looking for then it is probably located in the IBM Security Private Ideas Portal. Check that site to open an idea.

Idea visibility

All ideas submitted via this portal are visible to all other portal users, though personal information fields remain hidden. If you would rather have your idea visible to only you and IBM then use the IBM Security Private Ideas Portal instead.

Please note: The purpose of the Ideas Portal is to tap the creativity of the IBM Security community so that we can enhance our products for everyone! If you need to report a defect or get help, please use our normal support channel. Click here to open a support ticket.

Want to see all of your IBM ideas in one place? Find them at



QRadar on Cloud

Showing 29 of 3465

Add Azure VM Events to Microsoft Defender DSM

A common attack vector for customers is to utilize VM creation for a command and control structure within a cloud environment. Currently you can use the the Azure platform logs to monitor what happens on a VM but not the creation or a manipulation...
1 day ago in QRadar on Cloud 0 Submitted

QROC deploy config changes on selective DGs

It is important for a multitenant environment as a MSSP partner to implement a future feature for automatically deploy changes on the available DGs (Data Gateways) independently of their state. The console and DG should be aware of the configurati...
about 2 months ago in QRadar on Cloud 0 Under review

Support HA

Please modify the script for the role assignment as to select "500" devices
6 days ago in QRadar on Cloud 0 Submitted


Use case manager to include detected in timeframe for tenant This would provide visibility to customers into their threat information on a Tenat basis
5 months ago in QRadar on Cloud 2 Future consideration

Add TLS Syslog Handshake Supported Renegotiation Extensions

We have identified an incompatibility between the decryption on Palo Alto and how QRadar is behaving. The TLS handshake will always fail when we attempt to have the firewall decrypt and inspect the traffic. We have identified that QRoc is sending ...
15 days ago in QRadar on Cloud 0 Submitted

Reference Sets operator to include "Contains" and "Not Contains"

SOC is looking to have the ability to search for Reference Sets using "Contains" and "Not Contains" filter that partially match the reference set values. Currently, we can only search on the following filters (Attached screenshot). It uses 1:1 mat...
about 1 year ago in QRadar on Cloud 0 Future consideration

Add MFA support to QRoC and remove IP address restrictions for console access

Please support MFA on IBM IDs for accessing QRoC, in order to enable removal of IP address restrictions when accessing the web console. This will allow our QRoC users to access the console from anywhere, removing the need for the users to VPN into...
6 months ago in QRadar on Cloud 1 Not under consideration

Implement 16-digit epoch timestamp parsing

Hi! I contacted the IBM QRadar on Cloud Support about the 16-digit epoch timestamp, widely implemented in most databases log systems, and IBM Support aswer me that the QRadar on Cloud has no support to 16-digit (microseconds) epoch timestamp parsing.
22 days ago in QRadar on Cloud 0 Submitted

Provide ability to set log retention at a tenant level

As an MSSP, we need the ability to provide different event / log retention timeframes per client, e.g. one client requires 3 months online, another requires 12 months, a third requires 3 years. It would be great if we could configure this per-tena...
6 months ago in QRadar on Cloud 0 Future consideration

Email address associated with Rules and reports in QRoC

Whenever we offboard an employee for any reason, we ask that any report and saved search owned by them gets reassigned to another employee, to ensure continuity of reports, and the ability to edit the saved searches. That is great, but there does ...
9 months ago in QRadar on Cloud 1 Future consideration