Criminal IP partners with Securonix to integrate Criminal IP’s Threat Intelligence into ThreatQ, allowing organizations to incorporate external IP intelligence into their existing workflows, helping security teams accelerate analysis and response with more actionable context.
Unlike traditional intelligence feeds, Criminal IP provides visibility into how assets and infrastructure are exposed across the internet. By embedding this data into ThreatQ, organizations can incorporate real-world context into investigations without disrupting existing processes.
ThreatQ centralizes and prioritizes threat data from multiple sources. With Criminal IP integrated, organizations can enrich this data with continuously updated, exposure-based intelligence, strengthening investigation and response workflows without added complexity.
Automated Intelligence Enrichment at Scale
Within the integrated environment, Criminal IP’s threat intelligence APIs automatically enrich incoming IP indicators in ThreatQ with contextual data such as maliciousness scoring, VPN and proxy detection, remote access exposure, open ports, and known vulnerabilities.
Powered by ThreatQ’s data-driven orchestration engine, organizations can configure automated workflows that continuously evaluate incoming indicators against Criminal IP’s threat database.
This ensures that threat context remains current without requiring manual analyst effort, supporting faster triage and more consistent prioritization.
Integrate Criminal IP’s exposure-based threat intelligence into ThreatQ to enrich IP indicators with real-time context.
Automate analysis with maliciousness scoring, VPN/proxy detection, and infrastructure insights to accelerate investigation and response within a unified workflow.
Real-Time Investigation Within a Unified Workspace
enabling unified visibility into enriched indicators and risk context
The integration allows analysts to access Criminal IP intelligence directly within the ThreatQ interface, enabling real-time validation of suspicious IP activity without switching tools. By combining exposure data with infrastructure-level insights, teams can assess risk more effectively within their existing workflows.
Analysts can also perform on-demand Criminal IP lookups directly from indicator detail views or investigation boards, providing immediate access to additional context during active investigations.
Criminal IP further enhances ThreatQ’s investigation graph by revealing relationships between IP addresses, associated infrastructure, and attack activity, helping analysts better understand connections and patterns across threats.
Intelligence-Driven Prioritization and Response
enabling automated ingestion and filtering of exposure-based IP intelligence directly into analysis workflows
By integrating Criminal IP’s intelligence into ThreatQ’s scoring framework, organizations can align risk evaluation with their specific operational environment. This enables more precise prioritization and supports more effective decision-making during investigations.
Enriched data can also be visualized through dashboards, providing clearer visibility into maliciousness trends, VPN usage, and risk distribution across indicators.
Expanding Visibility with Exposure Intelligence
The integration highlights the growing importance of exposure-based intelligence in modern threat analysis. By continuously monitoring and analyzing internet-facing assets and IP infrastructure, Criminal IP provides differentiated visibility that extends beyond traditional indicator-based approaches.
“This integration enables organizations to bring IP reputation and exposure intelligence directly into the ThreatQ platform, supporting faster analysis and more effective response throughout the investigation lifecycle,” said Byungtak Kang, CEO of Criminal IP. “By integrating our intelligence into existing workflows, security teams can improve visibility and make more informed decisions without adding operational complexity.”
“This collaboration strengthens the role of IP intelligence at critical points of investigation and decision-making,” said Scott Sampson, Chief Revenue Officer, Securonix. “By combining ThreatQ’s orchestration and prioritization capabilities with Criminal IP’s real-time threat data, organizations can accelerate enrichment processes, reduce manual workloads, and focus on the most relevant threats within their environment.”
Through this partnership, Criminal IP and Securonix enable security teams to operationalize threat intelligence more effectively by integrating automated enrichment, workflow orchestration, and precise prioritization within the ThreatQ platform.
About Criminal IP
Criminal IP is a cyber threat intelligence solution operated by AI SPERA that provides decision-ready IP address and domain reputation data to security teams worldwide.
By continuously scanning the global internet, Criminal IP aggregates and contextualizes threat signals across IPs, domains, URLs, and attack infrastructure, covering malicious indicators, known vulnerabilities, exposed assets, and attacker behavior.
Criminal IP’s mission is to give organizations real visibility into their cyber landscape and accelerate threat detection and response by delivering the intelligence needed to outsmart attackers. For more information, visit www.criminalip.io.
About Securonix
Securonix is transforming security operations with the industry’s first Unified Defense SIEM with Agentic AI, built to decide and act across the threat lifecycle with a human-in-the-loop philosophy. Its cloud-native platform unifies detection, investigation, and response, while enabling Sam, the AI SOC Analyst, and a productivity-based AI operating model for the SOC, so organizations can measure and govern AI by the analyst work it delivers. Helping enterprises become Breach Ready and Board Ready, Securonix delivers accountable, outcome-driven security operations at scale. Recognized as a Leader in the Gartner® Magic Quadrant™ for SIEM and a Customers’ Choice by Gartner Peer Insights™, Securonix delivers trusted security operations for global enterprises. Learn more at www.securonix.com.
Sponsored and written by Criminal IP.
