API Integrations

ThreatQuotient

Threat Intelligence Platform
Enterprise Support Services
Visit the Official Website

Overview

ThreatQuotient is a global cybersecurity company that optimizes security operations by unifying diverse security data and threat intelligence. Through the ThreatQ Platform, it brings together fragmented threat data into a single workspace and enables automated analysis and response as a Threat Intelligence Platform (TIP).

Criminal IP integrates with ThreatQuotient's ThreatQ Platform to enable the automatic collection, analysis, and utilization of external IP-based threat intelligence directly within the ThreatQ environment.The ThreatQ Platform consolidates multiple threat intelligence sources and leverages data-driven orchestration to support analysis, prioritization, and collaborative response, making it a core system for improving both the efficiency and speed of security operations. With Criminal IP API integration, ThreatQ users can automatically enrich incoming IP indicators with contextual data such as maliciousness scores, VPN status, remote access exposure, open ports, and associated vulnerabilities (CVEs). This allows security teams to leverage real-time intelligence throughout the entire investigation and response workflow without switching to external tools.

Integrated API Overview: ThreatQ Platform

Criminal IP API integrates with orchestration workflows within the ThreatQ Platform to automatically enrich incoming IP indicators with real-time threat intelligence. By instantly accessing external threat context within the ThreatQ environment, analysts can more accurately prioritize indicators and make faster, more informed decisions.Key Features
  1. Automated Indicator Enrichment via ThreatQ Orchestrator
    • Automatically enriches incoming IP indicators by invoking the Criminal IP Malicious Info API
    • Adds a wide range of attributes including maliciousness score, VPN status, remote access exposure, open ports, and associated CVEs
  2. Real-time On-Demand Analysis and Lookup
    • Enables one-click Criminal IP queries directly from the ThreatQ indicator detail page and Investigation Board
    • Provides real-time threat context via Malicious Info and Extended Data APIs without leaving the platform
  3. Custom Threat Scoring and Prioritization
    • Integrates Criminal IP enrichment data into the ThreatQ Scoring Engine for organization-specific risk evaluation
    • Automatically identifies high-risk indicators and optimizes response prioritization
  4. Visibility and Dashboard Visualization
    • Supports visualization of VPN usage trends, malicious indicator distribution, and threat score breakdowns
    • Delivers comprehensive, unified visibility within the ThreatQ workspace
api_integrations_threatquotient_img_alt_desc_1

Criminal IP–based automated indicator enrichment workflow configured via ThreatQ Orchestrator

api_integrations_threatquotient_img_alt_desc_2

ThreatQ unified dashboard powered by Criminal IP intelligence

api_integrations_threatquotient_img_alt_desc_3

ThreatQ Investigation view visualizing attack infrastructure and indicator relationships

View the Integrated Information Page
direction iconpaloaltoSnowflakedirection icon
© 2026, All Rights Reserved - AI Spera Inc.
pci dss
Product Overview
Terms of Use
Privacy Policy
Cookie Policy