Criminal IP Strengthens Threat Intelligence Operations Through Integration with ThreatQ Platform
AI-based threat intelligence platform Criminal IP has partnered with ThreatQ to integrate its external IP-based threat intelligence into existing security workflows, accelerating threat analysis and response.
📋 Article Processing Timeline
- 📰 Published: May 11, 2026 at 18:00
- 🔍 Collected: May 11, 2026 at 09:31
- 🤖 AI Analyzed: May 11, 2026 at 10:04 (32 min after Collected)
Criminal IP X ThreatQ Platform Integration
AI-based threat intelligence platform Criminal IP has initiated integration with the ThreatQ platform through a partnership with Securonix.
This integration allows organizations to directly leverage Criminal IP's external IP-based threat intelligence within their existing security workflows, enabling security teams to accelerate analysis and response based on more actionable context.
Unlike traditional threat intelligence feeds, Criminal IP provides visibility into the 'exposure status' of assets and infrastructure on the internet.
By incorporating this data into ThreatQ, real-world context can be integrated into investigations without altering existing operational processes.
ThreatQ is a platform that centralizes and prioritizes threat data collected from multiple sources. This integration adds continuously updated 'exposure-based' threat intelligence to its orchestration and analysis workflows, supporting more advanced and rapid decision-making.
■ Scalable Intelligence Automated Enrichment
In the integrated environment with ThreatQ, Criminal IP's threat intelligence API automatically enriches IP indicators ingested into ThreatQ with contextual information.
This includes malicious scoring, VPN/proxy detection, remote access exposure status, open port information, and known vulnerability information.
Furthermore, ThreatQ's data-driven orchestration capabilities allow organizations to configure automated workflows that continuously cross-reference incoming indicators with Criminal IP's threat database.
This enables the maintenance of up-to-date threat context without requiring manual intervention from analysts, thereby accelerating triage and improving consistency in prioritization.
■ Real-time Investigation in an Integrated Workspace
Criminal IP intelligence integrated into the ThreatQ dashboard provides centralized visibility of enriched indicators and risk context.
This integration allows analysts to directly access Criminal IP's threat intelligence from within the ThreatQ interface, enabling real-time verification of suspicious IP activities without switching tools.
By combining external exposure data with infrastructure-level analysis, more accurate risk assessments can be performed within existing workflows.
Criminal IP information can also be queried on-demand from indicator detail screens and investigation boards. This provides immediate additional context for incidents under investigation, supporting rapid decision-making.
Moreover, Criminal IP extends ThreatQ's investigation graph capabilities, visualizing relationships between IP addresses, associated infrastructure, and attack activity connections. This allows analysts to more intuitively grasp the relationships and patterns between threats.
■ Advanced Prioritization and Response Driven by Intelligence
By integrating Criminal IP's threat intelligence into ThreatQ's scoring framework, organizations can achieve risk assessments tailored to their operational environment.
This enables more accurate prioritization and improves the quality of decision-making in the investigation process.
Enriched data is also visualized on the dashboard, providing an intuitive understanding of maliciousness trends, VPN usage, and the overall risk distribution of indicators. This allows for a clearer grasp of the overall threat landscape.
■ Enhanced Visibility Through Exposure Intelligence
This partnership demonstrates the increasing importance of 'exposure-based intelligence' in modern threat analysis.
Criminal IP continuously monitors and analyzes assets and IP infrastructure exposed on the internet, providing visibility beyond traditional indicator-based methods.
This expanded perspective enables organizations to more accurately identify external risks, strengthen detection capabilities, and improve their ability to respond to evolving threats.
■ Current State of Cyberattacks in Japan and the Importance of Threat Intelligence
AI-based threat intelligence platform Criminal IP has initiated integration with the ThreatQ platform through a partnership with Securonix.
This integration allows organizations to directly leverage Criminal IP's external IP-based threat intelligence within their existing security workflows, enabling security teams to accelerate analysis and response based on more actionable context.
Unlike traditional threat intelligence feeds, Criminal IP provides visibility into the 'exposure status' of assets and infrastructure on the internet.
By incorporating this data into ThreatQ, real-world context can be integrated into investigations without altering existing operational processes.
ThreatQ is a platform that centralizes and prioritizes threat data collected from multiple sources. This integration adds continuously updated 'exposure-based' threat intelligence to its orchestration and analysis workflows, supporting more advanced and rapid decision-making.
■ Scalable Intelligence Automated Enrichment
In the integrated environment with ThreatQ, Criminal IP's threat intelligence API automatically enriches IP indicators ingested into ThreatQ with contextual information.
This includes malicious scoring, VPN/proxy detection, remote access exposure status, open port information, and known vulnerability information.
Furthermore, ThreatQ's data-driven orchestration capabilities allow organizations to configure automated workflows that continuously cross-reference incoming indicators with Criminal IP's threat database.
This enables the maintenance of up-to-date threat context without requiring manual intervention from analysts, thereby accelerating triage and improving consistency in prioritization.
■ Real-time Investigation in an Integrated Workspace
Criminal IP intelligence integrated into the ThreatQ dashboard provides centralized visibility of enriched indicators and risk context.
This integration allows analysts to directly access Criminal IP's threat intelligence from within the ThreatQ interface, enabling real-time verification of suspicious IP activities without switching tools.
By combining external exposure data with infrastructure-level analysis, more accurate risk assessments can be performed within existing workflows.
Criminal IP information can also be queried on-demand from indicator detail screens and investigation boards. This provides immediate additional context for incidents under investigation, supporting rapid decision-making.
Moreover, Criminal IP extends ThreatQ's investigation graph capabilities, visualizing relationships between IP addresses, associated infrastructure, and attack activity connections. This allows analysts to more intuitively grasp the relationships and patterns between threats.
■ Advanced Prioritization and Response Driven by Intelligence
By integrating Criminal IP's threat intelligence into ThreatQ's scoring framework, organizations can achieve risk assessments tailored to their operational environment.
This enables more accurate prioritization and improves the quality of decision-making in the investigation process.
Enriched data is also visualized on the dashboard, providing an intuitive understanding of maliciousness trends, VPN usage, and the overall risk distribution of indicators. This allows for a clearer grasp of the overall threat landscape.
■ Enhanced Visibility Through Exposure Intelligence
This partnership demonstrates the increasing importance of 'exposure-based intelligence' in modern threat analysis.
Criminal IP continuously monitors and analyzes assets and IP infrastructure exposed on the internet, providing visibility beyond traditional indicator-based methods.
This expanded perspective enables organizations to more accurately identify external risks, strengthen detection capabilities, and improve their ability to respond to evolving threats.
■ Current State of Cyberattacks in Japan and the Importance of Threat Intelligence