Torrance, United States / California, February ninth, 2026, CyberNewswire
Felony IP (criminalip.io), the AI-powered menace intelligence and assault floor intelligence platform, is now built-in with IBM QRadar SIEM and QRadar SOAR.
The combination brings exterior, IP-based menace intelligence straight into IBM QRadar’s detection, investigation, and response workflows, enabling safety groups to establish malicious exercise quicker and prioritize response actions extra successfully throughout SOC operations.
IBM QRadar is broadly adopted by enterprises and public-sector organizations as a central platform for safety monitoring, automation, and incident response.
By embedding Felony IP intelligence into QRadar SIEM and lengthening it into SOAR workflows, organizations can apply exterior menace context throughout the incident lifecycle with out leaving the QRadar surroundings.
Actual-Time Menace Visibility from Firewall Visitors Logs
With the Felony IP QRadar SIEM integration, safety groups can analyze firewall visitors logs and routinely assess the danger related to speaking IP addresses.
Visitors knowledge forwarded into IBM QRadar SIEM is analyzed by the Felony IP API and mirrored straight contained in the SIEM interface.
Noticed IP addresses are routinely labeled into Excessive, Medium, or Low threat ranges from a menace intelligence perspective.
This enables SOC groups to rapidly establish high-risk IPs, monitor inbound and outbound visitors, and prioritize response actions equivalent to entry blocking or escalation inside the acquainted QRadar SIEM workflow.
Interactive Investigation With out Leaving QRadar
Past high-level visibility, the combination helps quick, in-context investigation. Analysts can right-click on IP addresses displayed in QRadar Log Exercise to open an in depth Felony IP report.
These experiences present extra context, together with menace indicators, historic habits, and exterior publicity alerts, enabling analysts to validate threat and intent with out switching instruments.
This streamlined workflow helps quicker decision-making throughout time-sensitive investigations.
Extending Intelligence into QRadar SOAR Workflows
Felony IP can be built-in with IBM QRadar SOAR to assist automated menace enrichment throughout incident response.
Utilizing pre-built playbooks, Felony IP intelligence may be utilized to IP addresses and URL artifacts, with enrichment outcomes returned straight into SOAR instances as artifact hits or incident notes.
This integration contains two playbooks:
- Felony IP: IP Menace Service – Enriches IP tackle artifacts with Felony IP menace context.
- Felony IP: URL Menace Service – Performs lite or full URL scans and returns outcomes as artifact hits or incident notes.
By embedding Felony IP menace intelligence straight into SOAR workflows, analysts can scale back handbook lookups and reply to incidents extra effectively.
Advancing Intelligence-Pushed Detection and Response
By integrating Felony IP with IBM QRadar SIEM and SOAR, organizations can mix QRadar’s correlation, investigation, and response capabilities with context-rich exterior menace intelligence derived from real-world web publicity.
This method improves detection accuracy, shortens investigation cycles, and enhances response prioritization throughout SOC operations.
As alert volumes proceed to develop, Felony IP helps QRadar customers make quicker, extra knowledgeable selections by bringing exterior menace context straight into SIEM and SOAR workflows with out including operational complexity.
AI SPERA CEO Byungtak Kang commented that the combination highlights the rising significance of real-time, exposure-based intelligence in fashionable SOC environments and underscores Felony IP’s concentrate on enhancing detection confidence and operational effectivity by sensible, intelligence-driven integrations.
About Felony IP
Felony IP is the flagship cyber menace intelligence platform developed by AI SPERA and is utilized in greater than 150 international locations worldwide. It equips safety groups with the actionable Menace Intelligence wanted to proactively establish, analyze, and reply to rising threats.
Powered by AI and OSINT, it delivers menace scoring, popularity knowledge, and real-time detection of a wide selection of malicious indicators, starting from C2 servers and IOCs to masking companies like VPNs, proxies, and nameless VPNs, throughout IPs, domains, and URLs.
Its API-first structure ensures seamless integration into safety workflows to spice up visibility, automation, and response.
Contact
Michael Sena
AI SPERA
