Jul 13
/
Latest News
Torq and Criminal IP Partner to Bring Automated, Intelligence‑Driven SOC Operations to Security Teams
Torq and Criminal IP have formed a new partnership that brings real‑time, decision‑ready threat intelligence directly into autonomous SOC workflows.
The integration connects Criminal IP’s internet‑scale intelligence engine with the Torq AI SOC Platform, allowing security teams to automatically enrich alerts, assess risk, and trigger responses without manual pivoting across multiple tools.
Security operations centers continue to face an unmanageable volume of alerts, many of which require analysts to determine whether an IP address, domain, or exposed asset represents a genuine threat. By feeding Criminal IP’s intelligence directly into Torq’s reasoning engine, organizations can streamline triage and investigation, accelerating response while staying inside their existing processes.
Criminal IP CEO Byungtak Kang said the company’s mission is to make global threat signals instantly searchable and actionable. Integrating with Torq means those signals can now drive automated decisions the moment they’re identified. Torq’s leadership echoed the sentiment, calling Criminal IP a high‑impact addition to its ecosystem and highlighting the value of combining deep intelligence with fast, AI‑driven remediation.
When an indicator arrives in the SOC, Torq automatically routes it to the appropriate Criminal IP service and receives a verdict in real time—whether an IP is malicious or anonymized, whether a domain resolves to phishing infrastructure, what services are exposed on an asset, and whether known exploits apply. Torq then uses that enriched context to determine severity and select the correct response path.
The integration gives Torq direct access to Criminal IP’s full intelligence surface, including IP reputation, malicious activity lookups, VPN and hosting detection, DNS safety checks, domain scanning, asset search, service banner analysis, exploit mapping, and full investigative reports. This enables automated enrichment, threat‑informed blocking, and pre‑populated attack surface investigations.
The combined offering is now available within the Torq AI SOC Platform, giving enterprises a way to fuse deep threat intelligence with autonomous response capabilities.
The integration connects Criminal IP’s internet‑scale intelligence engine with the Torq AI SOC Platform, allowing security teams to automatically enrich alerts, assess risk, and trigger responses without manual pivoting across multiple tools.
Security operations centers continue to face an unmanageable volume of alerts, many of which require analysts to determine whether an IP address, domain, or exposed asset represents a genuine threat. By feeding Criminal IP’s intelligence directly into Torq’s reasoning engine, organizations can streamline triage and investigation, accelerating response while staying inside their existing processes.
Criminal IP CEO Byungtak Kang said the company’s mission is to make global threat signals instantly searchable and actionable. Integrating with Torq means those signals can now drive automated decisions the moment they’re identified. Torq’s leadership echoed the sentiment, calling Criminal IP a high‑impact addition to its ecosystem and highlighting the value of combining deep intelligence with fast, AI‑driven remediation.
When an indicator arrives in the SOC, Torq automatically routes it to the appropriate Criminal IP service and receives a verdict in real time—whether an IP is malicious or anonymized, whether a domain resolves to phishing infrastructure, what services are exposed on an asset, and whether known exploits apply. Torq then uses that enriched context to determine severity and select the correct response path.
The integration gives Torq direct access to Criminal IP’s full intelligence surface, including IP reputation, malicious activity lookups, VPN and hosting detection, DNS safety checks, domain scanning, asset search, service banner analysis, exploit mapping, and full investigative reports. This enables automated enrichment, threat‑informed blocking, and pre‑populated attack surface investigations.
The combined offering is now available within the Torq AI SOC Platform, giving enterprises a way to fuse deep threat intelligence with autonomous response capabilities.
Executive IT Forums, Inc.
Educational Programs on Information Technology, Governance, Risk Management, & Compliance (GRC).
Our Newsletter
Get regular updates on CPE programs, news, and more.
Thank you!
Copyright © 2026 Executive IT Forums, Inc. All Rights Reserved.
Get started
Let us introduce our school
Write your awesome label here.