Criminal IP and Palo Alto Networks Cortex XSOAR Integrate to Bring...
Criminal IP (criminalip.io), the AI-powered threat intelligence and attack surface monitoring platform developed by AI SPERA, is now officially integrated into Palo Alto Networks’ Cortex XSOAR.
The integration embeds real-time external threat context, exposure intelligence, and automated multi-stage scanning directly into Cortex XSOAR’s orchestration engine, giving security teams higher incident accuracy and faster response than conventional log-centric approaches.
For Palo Alto Networks, widely regarded as the global leader in cybersecurity, Cortex XSOAR is a central hub for SOC automation. With Criminal IP added as an integration through the Cortex Marketplace, Cortex XSOAR can now offer users the ability to evaluate suspicious IPs and domains not only through static reputation data but also through behavioral signals, exposure history, infrastructure correlations, and AI-driven threat scoring, without requiring additional systems or analyst-driven lookups.
Modern SOC teams face overwhelming alert volumes, yet traditional enrichment still depends on static reputation feeds with limited context, often missing port exposure, CVE ties, certificate reuse, DNS changes, or anonymization behavior.
Criminal IP fills this gap by continuously analyzing global internet-facing assets and correlating IP behavior, domain activity, SSL/TLS data, port states, CVE exposure, IDS hits, and masking indicators.
When an alert includes an IP or domain, Cortex XSOAR can automatically pull this enriched intelligence into the active incident via a playbook, allowing analysts to assess intent and severity without leaving Cortex XSOAR.
Access the Criminal IP threat intelligence needed to proactively identify, analyze, and respond to emerging threats.
Powered by AI and OSINT, it delivers threat scoring, reputation data, and real-time detection of a wide array of malicious indicators, ranging from C2 servers and IOCs to masking services like VPNs, proxies, and anonymous VPNs, across IPs, domains, and URLs. Its API-first architecture ensures seamless integration into security workflows to boost visibility, automation, and response.
Cortex XSOAR playbooks can trigger Criminal IP’s automated three-stage scanning workflow: beginning with a Quick Lookup, escalating to a Lite Scan, and then performing a Full Scan for complete attack surface analysis.
Source: BleepingComputer