Criminal IP integration into Cortex XSOAR adds AI-driven exposure intelligence and automated scanning
Security Tool/Service
Summary
Hide ▲
Show ▼
Criminal IP has been officially integrated into Palo Alto Networks Cortex XSOAR, expanding SOC automation with real-time threat context, exposure intelligence, and automated scanning. The update matters because analysts can enrich suspicious IPs and domains with behavioral signals and AI-driven scoring without leaving the orchestration workflow. It is designed to improve incident accuracy and response speed across SOC playbooks.
Related Happenings
Criminal IP and Securonix ThreatQ integration adds exposure intelligence to investigations
Security Tool/Service
First: 01.05.2026 17:02
Last: 01.05.2026 17:02
Sources 1
About this happening:
Criminal IP’s integration into **ThreatQ** adds **IP reputation** and **exposure intelligence** to security workflows, helping teams speed up **analysis** and **response**. The up...
Criminal IP and Securonix ThreatQ integration adds exposure intelligence to investigations
Security Tool/ServiceAbout this happening: Criminal IP’s integration into **ThreatQ** adds **IP reputation** and **exposure intelligence** to security workflows, helping teams speed up **analysis** and **response**. The up...
Cyber threat actors use AI to accelerate extortion and exploitation
Target Trend
First: 17.02.2026 15:45
Last: 17.02.2026 15:45
Sources 1
About this happening:
Cyber threat actors are shifting to **routine operational use** of AI, making **extortion**, **reconnaissance**, **phishing**, and **exploit timing** faster and lower-friction acr...
Cyber threat actors use AI to accelerate extortion and exploitation
Target TrendAbout this happening: Cyber threat actors are shifting to **routine operational use** of AI, making **extortion**, **reconnaissance**, **phishing**, and **exploit timing** faster and lower-friction acr...
Criminal IP integration adds threat enrichment to IBM QRadar SIEM and SOAR
Security Tool/Service
First: 13.02.2026 17:05
Last: 13.02.2026 17:05
Sources 1
About this happening:
**Criminal IP** integrated with **IBM QRadar SIEM** and **QRadar SOAR**, bringing **external IP and URL threat intelligence** into SOC detection, investigation, and response workf...
Criminal IP integration adds threat enrichment to IBM QRadar SIEM and SOAR
Security Tool/ServiceAbout this happening: **Criminal IP** integrated with **IBM QRadar SIEM** and **QRadar SOAR**, bringing **external IP and URL threat intelligence** into SOC detection, investigation, and response workf...
Tenable One AI Exposure launches as a cloud-native add-on for AI exposure management
Security Tool/Service
First: 30.01.2026 22:23
Last: 30.01.2026 22:23
Sources 1
About this happening:
**Tenable** has launched **Tenable One AI Exposure**, a cloud-native add-on that helps enterprises detect and govern **agentic and generative AI** use before it creates **data exp...
Tenable One AI Exposure launches as a cloud-native add-on for AI exposure management
Security Tool/ServiceAbout this happening: **Tenable** has launched **Tenable One AI Exposure**, a cloud-native add-on that helps enterprises detect and govern **agentic and generative AI** use before it creates **data exp...
Microsoft Sentinel expands into unified agentic platform with data lake GA and Graph preview
Security Tool/Service
First: 30.09.2025 16:00
Last: 30.09.2025 16:00
Sources 1
About this happening:
**Microsoft Sentinel** expanded into a **unified agentic security platform**, with **Sentinel data lake** now generally available and **Sentinel Graph** plus a **Sentinel MCP serv...
Microsoft Sentinel expands into unified agentic platform with data lake GA and Graph preview
Security Tool/ServiceAbout this happening: **Microsoft Sentinel** expanded into a **unified agentic security platform**, with **Sentinel data lake** now generally available and **Sentinel Graph** plus a **Sentinel MCP serv...
Timeline
-
19.12.2025 16:30 2 articles · 5mo ago
Criminal IP officially integrates into Palo Alto Networks Cortex XSOAR
Initial DisclosureAI SPERA's Criminal IP is officially integrated into Palo Alto Networks' Cortex XSOAR through Cortex Marketplace, bringing real-time external threat context, exposure intelligence, and automated multi-stage scanning into SOC playbooks. The integration lets analysts enrich suspicious IPs and domains with behavioral signals, exposure history, infrastructure correlations, and AI-driven threat scoring, while supporting Quick Lookup, Lite Scan, and Full Scan workflows for attack-surface analysis.
Show sources
- Criminal IP and Palo Alto Networks Cortex XSOAR integrate to bring AI-driven exposure intelligence to automated incident response — www.bleepingcomputer.com — 19.12.2025 16:30
- Criminal IP and Palo Alto Networks Cortex XSOAR integrate to bring AI-driven exposure intelligence to automated incident response — www.bleepingcomputer.com — 19.12.2025 16:30