Criminal IP integration adds threat enrichment to IBM QRadar SIEM and SOAR
Security Tool/Service
Summary
Hide ▲
Show ▼
Criminal IP integrated with IBM QRadar SIEM and QRadar SOAR, bringing external IP and URL threat intelligence into SOC detection, investigation, and response workflows. The update matters because it helps teams prioritize risk faster and act on suspicious activity without leaving the QRadar environment.
Related Happenings
Criminal IP and Securonix ThreatQ integration adds exposure intelligence to investigations
Security Tool/Service
First: 01.05.2026 17:02
Last: 01.05.2026 17:02
Sources 1
About this happening:
Criminal IP’s integration into **ThreatQ** adds **IP reputation** and **exposure intelligence** to security workflows, helping teams speed up **analysis** and **response**. The up...
Criminal IP and Securonix ThreatQ integration adds exposure intelligence to investigations
Security Tool/ServiceAbout this happening: Criminal IP’s integration into **ThreatQ** adds **IP reputation** and **exposure intelligence** to security workflows, helping teams speed up **analysis** and **response**. The up...
Criminal IP integration into Cortex XSOAR adds AI-driven exposure intelligence and automated scanning
Security Tool/Service
First: 19.12.2025 16:30
Last: 19.12.2025 16:30
Sources 1
About this happening:
**Criminal IP** has been officially integrated into **Palo Alto Networks Cortex XSOAR**, expanding SOC automation with **real-time threat context**, **exposure intelligence**, and...
Criminal IP integration into Cortex XSOAR adds AI-driven exposure intelligence and automated scanning
Security Tool/ServiceAbout this happening: **Criminal IP** has been officially integrated into **Palo Alto Networks Cortex XSOAR**, expanding SOC automation with **real-time threat context**, **exposure intelligence**, and...
Timeline
-
13.02.2026 17:05 2 articles · 3mo ago
Criminal IP integration with IBM QRadar SIEM and QRadar SOAR
Initial DisclosureCriminal IP (criminalip.io) announced integration with IBM QRadar SIEM and QRadar SOAR, bringing external IP-based threat intelligence into QRadar detection, investigation, and response workflows. The integration analyzes firewall traffic logs and QRadar artifacts through the Criminal IP API, classifies observed IP addresses as High, Medium, or Low risk, supports right-click investigation from QRadar Log Activity, and uses pre-built SOAR playbooks to enrich IP address and URL artifacts as artifact hits or incident notes.
Show sources
- Turning IBM QRadar Alerts into Action with Criminal IP — www.bleepingcomputer.com — 13.02.2026 17:05
- Turning IBM QRadar Alerts into Action with Criminal IP — www.bleepingcomputer.com — 13.02.2026 17:05