Skip to Main Content
IBM Security Ideas Portal

Shape the future of IBM Security

We invite you to shape the future of IBM, including the product roadmap, by submitting enhancement ideas that matter to you the most.

Here's how it works:

Post your ideas

Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and vote for them if they matter to you,

  1. Post an idea

  2. Vote for ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea


Help IBM prioritize your ideas and requests

The IBM team may need your help to refine the ideas so they may ask for more information or feedback. The offering manager team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at IBM works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.


Receive notification on the decision

Some ideas can be implemented at IBM, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.


Post an Idea

To post a new idea - click on the "Add a new idea" button and where asked select the appropriate category this idea relates to. Provide requested information to allow us to get a better understanding of your request.


"Missing" Security Products?

If you cannot find the IBM Security product you are looking for then it is probably located in the IBM Security Private Ideas Portal. Check that site to open an idea.


Idea visibility

All ideas submitted via this portal are visible to all other portal users, though personal information fields remain hidden. If you would rather have your idea visible to only you and IBM then use the IBM Security Private Ideas Portal instead.


Please note: The purpose of the Ideas Portal is to tap the creativity of the IBM Security community so that we can enhance our products for everyone! If you need to report a defect or get help, please use our normal support channel. Click here to open a support ticket.


Want to see all of your IBM ideas in one place? Find them at ideas.ibm.com

ADD A NEW IDEA

FILTER BY CATEGORY

QRadar Security Info and Event Management

Showing 630 of 3135

[Copy] [Copy] Visual Studio Code (vscode) extention for AQL syntax highlighting, formatting and validation

We use a lot of AQL (as I assume most QRadar users do) but find that writing and storing AQL for modification and re-use is easier in an external code editor like Visual Studio Code. We currently use a generic SQL formatter like https://marketplac...
1 day ago in QRadar Security Info and Event Management 1 Not under consideration

Add "at" linux package or alternative for one-time command execution scheduling

Currently there is only cron to schedule commands. But unfortunately this is for periodic execution and not one-time. There should be an option to schedule commands only one-time like with the linux package "at".
22 days ago in QRadar Security Info and Event Management 1 Functionality already exists

Enhance the GCP Qradar Image beyond 1225 GB

Team, I am trying to deploy an EP in GCP with 3 TB of storage but since the image is designed to take only 1225 GB and /store is coming out to be 882 GB only which is not sufficing my needs. I have tried using another disc. This is urgent require...
30 days ago in QRadar Security Info and Event Management 1 Future consideration

Visual Studio Code (vscode) extention for AQL syntax highlighting, formatting and validation

We use a lot of AQL (as I assume most QRadar users do) but find that writing and storing AQL for modification and re-use is easier in an external code editor like Visual Studio Code. We currently use a generic SQL formatter like https://marketplac...
about 1 month ago in QRadar Security Info and Event Management 1 Not under consideration

Redirect DLC logs to a file instead of sending them to Qradar and fetching them via pull.

A pull function is required for the use of the DLC in a DMZ. Instead of sending the data to a destination address of QRadar, the data is to be written to a file or file location in order to fetch it from there via pull function of QRadar.
about 1 month ago in QRadar Security Info and Event Management 0 Under review

Remove the limit of 10.000 for subqueries or at least make the limit configurable

Currently there is a subquery limit of 10.000 lines in the product which makes it nearly unusuable for several threat hunting / detection scenarios. Therefore we would like to see the limit for subqueries completely removed from the product or at ...
about 1 month ago in QRadar Security Info and Event Management 0 Under review

LSM Advanced search by LSG Names

With Basic Search, we can use only "OR" clauses between our different LSG. We need to use "AND" clauses, and the unique way we know is with Advanced Search. But there is a problem, on advanced search we can use LSG "group_ids" and we need somethin...
about 1 month ago in QRadar Security Info and Event Management 0 Under review

app Reference Data Management for multitenant using

switch app Reference Data Management to multitenant using RFE is following from case TS009441686
about 1 month ago in QRadar Security Info and Event Management 0 Under review

Universal Cloud REST API protocol does not have an option for processing HTTP streaming data

HTTP streaming is a push-style data transfer technique that allows a web server to continuously send data to a client over a single HTTP connection that remains open indefinitely This enables clients to consume events in near-real-time and there i...
about 1 month ago in QRadar Security Info and Event Management 1 Future consideration

DSM not supporting Cisco FMC after new upgrade (7.0.1)

We are not able to collect the Connection Statistics from Cisco FMC after the Upgrade of FMC, which is not supported by QRadar.Hence request to update the DSM to resolve the issue.
about 2 months ago in QRadar Security Info and Event Management 1 Planned for future release