Home
Integrating
Learn how to integrate the product with other solutions.
Integrating with IBM Security Qradar
Learn how to integrate the product with IBM Security Qradar.
QRadar® integration overview
The QRadar® Security Intelligence Platform serves as a control center that integrates real-time security intelligence data to include more than 400 different sources. With security intelligence, companies can automatically alert security teams to unpatched Web applications that risk being attacked by known application-layer exploits that AppScan® Enterprise has identified. This integration enables QRadar Offence Manager to determine if observed malicious traffic to a Web application could potentially lead to an exploit and then report this as a high-risk incident to the network administrator.

Integrating
Learn how to integrate the product with other solutions.
- Defining custom user types
- Integrating with IBM Security Qradar
  Learn how to integrate the product with IBM Security Qradar.
  - QRadar® integration overview
    The QRadar® Security Intelligence Platform serves as a control center that integrates real-time security intelligence data to include more than 400 different sources. With security intelligence, companies can automatically alert security teams to unpatched Web applications that risk being attacked by known application-layer exploits that AppScan® Enterprise has identified. This integration enables QRadar Offence Manager to determine if observed malicious traffic to a Web application could potentially lead to an exploit and then report this as a high-risk incident to the network administrator.
  - Setting up QRadar® integration
    Configure these settings to enable integration with Security QRadar®.
  - Granting report access to QRadar®
    You need "Publish to QRadar®" user permissions to complete this task.
  - Revoking report access from QRadar®
    When you no longer want report results to be accessible to QRadar®, you can revoke the report.
  - Revoking report access from QRadar® (Product Administrator only)
    When you no longer want report results to be accessible to QRadar®, you can revoke the report.
- Integrating with QA automation systems
  Learn how to integrate the product with QA automation systems.
- Integrating with Defect Tracking Systems
  Learn how to integrate the product with Defect Tracking Systems.

QRadar® integration overview

The QRadar® Security Intelligence Platform serves as a control center that integrates real-time security intelligence data to include more than 400 different sources. With security intelligence, companies can automatically alert security teams to unpatched Web applications that risk being attacked by known application-layer exploits that AppScan® Enterprise has identified. This integration enables QRadar® Offence Manager to determine if observed malicious traffic to a Web application could potentially lead to an exploit and then report this as a high-risk incident to the network administrator.

About this task

QRadar® uses REST APIs available for Applications in monitor view of AppScan® Enterprise to pull issues. In AppScan® Enterprise, the QRadar® users should have access to these applications. QRadar® looks for Hosts application attribute and pulls the data only if this attribute is populated with IP address of the box where the target application is installed.

Note: When QRadar® imports the report results, any SAST findings are not used because they are not associated with a URL, and hence they cannot be mapped to an IPv4 address in QRadar®.