IBM QRadar Offense Ingestion for Security Operations release notes

  • Release version: Store
  • Updated June 11, 2026
  • 3 minutes to read
  • Version history for the IBM QRadar Offense Ingestion for Security Operations on the ServiceNow Store.

    Important:
    For details on system requirements and family compatibility, view the application listing on the ServiceNow Store website.

    Version history

    Version 10.7.4 - June 2026
    • Fixed:
      • Duplicate SIR creation issue for single offense in IBM Qradar.
      • Cobalt Raven Non-Glide Query ACLs Directive.
    Version 10.7.3 - April 2026
    • Fixed:
      • SIR creation issue in case of secure notes mapping.
      • Preview Section so that Event Data is now displayed correctly.
    Version 10.7.1 - March 2026
    • New:
      • Added support to fetch ADE Rules from IBM QRadar into Security Incident Response.
      • Introduced strategies to present offense data without dependency on CMDB or identity tables in the QRadar Offense Ingestion integration with SIR.
    • Fixed:
      • Custom offense fields that were not being retrieved, preventing proper field mapping during ingestion.
      • Event information that was not being mapped correctly during QRadar profile ingestion.
      • "Fetch Sample Data" feature, which was failing.
      • Offense fields mapping to Security Incident Records
    Version 10.6.1 - February 2026
    Fixed: "Fetch Sample Data" functionality on the mapping screen for IBM QRadar SIEM Offense Ingestion.
    Version 10.6.0 - January 2026
    New: Added support for fetching closed incidents from IBM QRadar into Security Incident Response.
    Version 10.5.0 - December 2025
    New: Upgraded all dictionary-level read-only fields to Strict Read-Only to enhance security and prevent unauthorized changes. This update ensures the server consistently enforces read-only behaviour across all UIs, scripts, and integrations.
    Version 10.4.20 - October 2025
    Fixed:
    • Optimized the offense ingestion process to handle events efficiently. These improvements reduce latency, improve throughput, and ensure faster availability of ingested offenses for analysis and investigation.
    • Qradar ingestion not working for On-prem deployments.
    • Not able to edit existing Field translations.
    Version 10.4.19 - September 2025
    Fixed: Optimized the offense ingestion process to handle events efficiently. These improvements reduce latency, improve throughput, and ensure faster availability of ingested offenses for analysis and investigation.
    Version 10.4.14 - November 2024
    Fixed: Fixed an issue where QRadar profile gets stuck in running state when system is restarted or shut down.
    Version 10.4.13 - May 2024
    The dependency on the new UI is removed.
    Version 10.4.12 - March 2024
    Fixed the issue of same offense ID in multiple Qradar instances.
    Version 10.4.9 - November 2023
    Fixed: One-time retrieval was not working on the Scheduling page of the profile in QRadar integration when the date format was changed to DD-MM-YYYY.
    Version 10.4.7 - May 2023
    Fixed: Handle 206 status code response from QRadar in Offense Ingestion.
    Version 10.4.4 - September 2022
    • New: Added overlapping properties to integration settings.
    • Fixed: Update 'start_time' to 'first_persisted_time' to avoid missing offenses.
    Version 10.4.3 - March 2022
    • Changed: Updated AngularJS library version.
    • Fixed:
      • Updated IBM QRadar close codes in the Additional Options stage.
      • Creating Blank SIR (skipping SIR sequence) when M2M mapping is done for Observable/CIs in Profile.
    Version 10.4.2 - December 2021
    Fixed: UI changes.
    Version 10.4.1 - December 2020
    Fixed: This release contains minor accessibility fixes.
    Version 10.4.0 - November 2020
    • Changed:
      • Modified the QRadar rule selection logic to fetch all the offenses generated by SYSTEM, OVERRIDE, and USER rules that are active.
      • Performance improvements.
    • Fixed: Minor bugs.
    Version 10.3.1 - June 2020
    Fixed: Minor bug fixes and improvements.
    Version 10.1.0 - May 2020
    Changed: Authentication method changed to IBM QRadar API authorized service token to support both QRadar on-premises and QRadar on Cloud.
    Version 10.0.2 - March 2020
    IBM QRadar is a market-leading solution for collecting, correlating, and reporting on security event information. This integration will be used to automate ingestion of correlated events from IBM QRadar and improve the ability to automate creation of security incidents in the ServiceNow platform through dynamic mapping.