Torrance, California, May 1st, 2026 — Criminal IP has partnered with Securonix to integrate its threat intelligence capabilities into the ThreatQ platform. This collaboration allows organizations to seamlessly incorporate external IP intelligence into their security workflows, enhancing the speed and accuracy of analysis and response.
Enhancing Security with Integrated Threat Intelligence
Criminal IP offers unique visibility into how assets and infrastructure are exposed online, differing from traditional intelligence feeds. By embedding this data into ThreatQ, organizations gain real-world context for their investigations, streamlining their existing processes without disruption.
The ThreatQ platform aggregates and prioritizes threat data from multiple sources. The integration of Criminal IP enables organizations to enrich this data with continuously updated intelligence based on exposure, thereby strengthening their investigative and response capabilities without introducing additional complexity.
Automated Data Enrichment and Real-Time Analysis
The integration facilitates automated enrichment of IP indicators within ThreatQ using Criminal IP’s threat intelligence APIs. These APIs provide contextual data such as maliciousness scores, VPN and proxy detections, remote access exposure, and known vulnerabilities.
ThreatQ’s data-driven orchestration engine allows organizations to set up automated workflows that continuously evaluate indicators against the Criminal IP threat database. This automation ensures that threat contexts remain current, reducing the manual effort required by analysts and supporting faster, more consistent threat prioritization.
Unified Workspace for Efficient Threat Investigation
Security analysts can access Criminal IP intelligence directly within the ThreatQ interface, enabling real-time validation of suspicious IP activity without switching tools. This integration combines exposure data with infrastructure insights, allowing teams to assess risk more effectively within their existing workflows.
Furthermore, analysts can perform on-demand Criminal IP lookups from indicator detail views or investigation boards, providing immediate context during active investigations. Criminal IP enhances ThreatQ’s investigation graph by revealing relationships between IP addresses, associated infrastructure, and attack activity, helping analysts understand threat patterns more comprehensively.
Strategic Prioritization and Future Outlook
The integration of Criminal IP’s intelligence with ThreatQ’s scoring framework allows organizations to align risk evaluation with their operational environment, enabling precise prioritization and effective decision-making during investigations. Enriched data can be visualized through dashboards to provide clearer insights into malicious trends and risk distribution.
This partnership underscores the growing importance of exposure-based intelligence in modern threat analysis. By continuously monitoring internet-facing assets and IP infrastructure, Criminal IP offers differentiated visibility that extends beyond traditional approaches. As Byungtak Kang, CEO of Criminal IP, asserts, this integration improves visibility and decision-making without adding operational complexity.
Scott Sampson, Chief Revenue Officer at Securonix, highlights the power of combining ThreatQ’s orchestration capabilities with Criminal IP’s threat data, allowing organizations to accelerate enrichment processes and focus on the most pressing threats. The partnership is set to transform how security teams operationalize threat intelligence by integrating automated enrichment, workflow orchestration, and prioritization within the ThreatQ platform.
