Securonix Partners with AI SPERA to Bring Criminal IP Intelligence to ThreatQ

The cybersecurity landscape is increasingly defined by a deluge of alerts and fragmented intelligence sources. Organizations struggle to correlate raw indicators with actionable context, a challenge that fuels alert fatigue in security operation centers. Securonix, a leader in security‑information and event management (SIEM) and security orchestration, has long emphasized data‑driven investigation. AI SPERA, meanwhile, specializes in Criminal IP, a real‑time repository of malicious IP activity. Their partnership bridges a critical gap, delivering enriched, up‑to‑the‑minute IP reputation directly within a unified threat‑intel workflow. The joint effort also aligns with the growing demand for context‑rich, automated threat feeds.

The integration embeds Criminal IP’s maliciousness scores, VPN detection, open‑port data, and vulnerability context into ThreatQ’s orchestration engine. Analysts can trigger automatic enrichment as soon as an IP indicator lands in the platform, eliminating the need for separate lookups. One‑click access to AI SPERA’s Malicious Info and Extended Data endpoints streamlines investigation boards, while configurable workflows keep enrichment current without additional analyst effort. This automation not only shortens mean time to investigate but also standardizes prioritization, allowing SOC teams to focus on high‑impact threats rather than data collection.

From a business perspective, the combined solution addresses a core pain point for enterprises investing heavily in threat‑intel subscriptions yet lacking seamless integration. By consolidating enrichment within ThreatQ, organizations can justify existing security spend while improving risk reduction metrics. The move also signals a broader industry shift toward plug‑and‑play intelligence feeds that operate autonomously inside orchestration platforms. As attackers continue to leverage compromised IP ranges, the ability to instantly assess reputation will become a differentiator for firms seeking to maintain resilient cyber defenses.