Criminal IP Plugs Exposure Data Into Securonix ThreatQ for IP Enrichment

Criminal IP and Securonix have integrated their platforms so ThreatQ users can pull Criminal IP’s IP and domain reputation data directly into existing investigation workflows. The enrichment covers maliciousness scoring, VPN and proxy detection, exposed remote access, open ports, and known vulnerabilities — context layered onto incoming indicators automatically rather than through manual analyst lookups.

The pitch leans on exposure-based intelligence as a complement to traditional indicator feeds: instead of just flagging known-bad IPs, Criminal IP’s continuous internet scanning surfaces how infrastructure is exposed, which ThreatQ’s orchestration engine then folds into scoring and prioritization. Analysts can run on-demand lookups from indicator views and see relationship graphs across IPs and attacker infrastructure without leaving the console.

This is a sponsored piece written by Criminal IP, so treat the framing as marketing — the substance is a standard threat-intel feed integration through ThreatQ’s existing API and orchestration model, not a novel capability.