{"id":9909,"date":"2025-12-19T16:13:10","date_gmt":"2025-12-19T16:13:10","guid":{"rendered":"https:\/\/techtrendfeed.com\/?p=9909"},"modified":"2025-12-19T16:13:10","modified_gmt":"2025-12-19T16:13:10","slug":"legal-ip-and-palo-alto-networks-cortex-xsoar-combine-to-carry-ai-driven-publicity-intelligence-to-automated-incident-response","status":"publish","type":"post","link":"https:\/\/techtrendfeed.com\/?p=9909","title":{"rendered":"Criminal IP and Palo Alto Networks Cortex XSOAR integrate to bring AI-driven exposure intelligence to automated incident response"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p class=\"sc-iYsSXP hbVeNb\"><span><strong>Torrance, United States \/ California, December 19th, 2025, CyberNewsWire<\/strong><\/span><\/p>\n<p><a rel=\"nofollow\" target=\"_blank\" target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.criminalip.io\/ko?mtm_campaign=PaloAlto%20Integration&amp;mtm_kwd=PaloAlto&amp;mtm_source=bleepingcomputer%20%2F%20cybernewswire&amp;mtm_medium=press\">Criminal IP<\/a>\u00a0(criminalip.io), the AI-powered threat intelligence and attack surface monitoring platform developed by AI SPERA, is now officially integrated into Palo Alto Networks\u2019 Cortex XSOAR. The integration embeds real-time external threat context, exposure intelligence, and automated multi-stage scanning directly into Cortex XSOAR\u2019s orchestration engine, giving security teams greater incident accuracy and faster response than typical log-centric approaches.<\/p>\n<p>For Palo Alto Networks, widely regarded as the global leader in cybersecurity, Cortex XSOAR is a central hub for SOC automation. 
With Criminal IP added as an integration via the <a rel=\"nofollow\" target=\"_blank\" target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/cortex.marketplace.pan.dev\/marketplace\/details\/CriminalIP\/\">Cortex Marketplace<\/a>, Cortex XSOAR can now give users the ability to gauge suspicious IPs and domains not only through static reputation data but also through behavioral indicators, exposure history, infrastructure correlations, and AI-driven threat scoring, without requiring additional systems or analyst-driven lookups.<\/p>\n<p><strong>AI Context to Tackle the Limits of Log-Only Incident Response<\/strong><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/hackread.com\/wp-content\/uploads\/2025\/12\/R3B1tnj_1765876498uFaNqqqQ7I.jpeg\"\/><\/p>\n<p>Automated playbook example \u2014 detecting malicious domains using the three-step scan in the integrated API of Criminal IP and Palo Alto Networks Cortex XSOAR<\/p>\n<p>Modern SOC teams face overwhelming alert volumes, yet conventional enrichment still relies on static reputation feeds with limited context, often missing port exposure, CVE ties, certificate reuse, DNS changes, or anonymization behavior. Criminal IP fills this gap by continuously analyzing global internet-facing assets and correlating IP behavior, domain activity, SSL\/TLS data, port states, CVE exposure, IDS hits, and masking indicators. When an alert includes an IP or domain, Cortex XSOAR can automatically pull this enriched intelligence into the active incident through a playbook, allowing analysts to assess intent and severity without leaving Cortex XSOAR.<\/p>\n<p><strong>Multi-Stage Scanning and External Exposure Linking<\/strong><\/p>\n<p>Cortex XSOAR playbooks can trigger Criminal IP\u2019s automated three-stage scanning workflow: beginning with a Fast Lookup, escalating to a Lite Scan, and then performing a Full Scan for full attack surface evaluation. 
Full Scan results are delivered as structured reports inside Cortex XSOAR, with generic polling ensuring the workflow continues without manual effort. Beyond alert-driven enrichment, the integration also links internal telemetry with open-internet intelligence, providing historical behavior, C2 relationships, anonymization indicators, abuse data, and SSL correlations for each indicator. Cortex XSOAR can also schedule Micro Attack Surface Management scans to assess exposed ports, certificate validity, vulnerable services, and outdated software, offering lightweight, continuous ASM capabilities that help organizations identify weaknesses before they&#8217;re exploited.<\/p>\n<p><strong>Accelerating the Shift Toward Intelligence-Driven Autonomous Security<\/strong><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/hackread.com\/wp-content\/uploads\/2025\/12\/qDYhjEG_1765876498zmMazH6byr.jpeg\"\/><\/p>\n<p>Screenshot of the Criminal IP pack on the Cortex Marketplace<\/p>\n<p>The integration between Palo Alto Networks and Criminal IP reflects a broader trend toward autonomous security operations. By combining Cortex XSOAR\u2019s automation and orchestration capabilities with Criminal IP\u2019s real-time external analysis, SOC teams can automate decisions that previously required manual research across multiple intelligence sources. 
This reduces response times, improves the accuracy of incident classification, and minimizes analyst fatigue\u2014issues that have grown more severe as alert volumes and AI-generated threats continue to rise.<\/p>\n<p><a rel=\"nofollow\" target=\"_blank\" target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.criminalip.io\/ko?mtm_campaign=PaloAlto%20Integration&amp;mtm_kwd=PaloAlto&amp;mtm_source=bleepingcomputer%20%2F%20cybernewswire&amp;mtm_medium=press\">Criminal IP<\/a> is already present on Azure, AWS, and Snowflake marketplaces and maintains integrations with more than 40 security vendors, including Cisco, Fortinet, and Tenable. Its expansion into the Palo Alto Networks ecosystem sets the foundation for further integrations across XDR and cloud security solutions.<\/p>\n<p>AI SPERA CEO Byungtak Kang stated that the integration \u201cdemonstrates the growing importance of AI-driven threat intelligence and exposure analytics in enterprise security operations,\u201d adding that Criminal IP aims to play a central role in helping organizations transition toward fully autonomous defense architectures.<\/p>\n<p><strong>About Criminal IP<\/strong><\/p>\n<p><a rel=\"nofollow\" target=\"_blank\" target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.criminalip.io\/ko?mtm_campaign=PaloAlto%20Integration&amp;mtm_kwd=PaloAlto&amp;mtm_source=bleepingcomputer%20%2F%20cybernewswire&amp;mtm_medium=press\">Criminal IP<\/a> is the flagship cyber threat intelligence platform developed by AI SPERA. The platform is used in more than 150 countries and provides comprehensive threat visibility through enterprise security solutions such as Criminal IP ASM and Criminal IP FDS.<\/p>\n<p>Criminal IP continues to strengthen its global ecosystem through strategic partnerships with Cisco, VirusTotal and Quad9. 
The platform\u2019s threat data is also available through major US data warehouse marketplaces including Amazon Web Services (AWS), Microsoft Azure and Snowflake. This expansion improves global access to high-quality threat intelligence from Criminal IP.<\/p>\n<p>Users can learn more: <a rel=\"nofollow\" target=\"_blank\" target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/cortex.marketplace.pan.dev\/marketplace\/details\/CriminalIP\/\">https:\/\/cortex.marketplace.pan.dev\/marketplace\/details\/CriminalIP\/<\/a><\/p>\n<h5 id=\"contact\">Contact<\/h5>\n<p><span><strong>Michael Sena<\/strong><br \/><\/span><span><strong>AI SPERA<\/strong><br \/><\/span><span><strong><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/hackread.com\/cdn-cgi\/l\/email-protection\" class=\"__cf_email__\" data-cfemail=\"0b787e7b7b64797f4b6a62787b6e796a25686466\">[email\u00a0protected]<\/a><\/strong><br \/><\/span><\/p>\n<p>\n\t\t\t<\/div>\n<p><br \/>\n<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Torrance, United States \/ California, December 19th, 2025, CyberNewsWire Criminal IP\u00a0(criminalip.io), the AI-powered threat intelligence and attack surface monitoring platform developed by AI SPERA, is now officially integrated into Palo Alto Networks\u2019 Cortex XSOAR. 
The integration embeds real-time external threat context, exposure intelligence, and automated multi-stage scanning directly into Cortex XSOAR\u2019s orchestration engine, giving security [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":9911,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[992,2951,4042,1518,7013,1942,6258,3205,2065,312,667,2950,2018,7014],"class_list":["post-9909","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-aidriven","tag-alto","tag-automated","tag-bring","tag-cortex","tag-criminal","tag-exposure","tag-incident","tag-integrate","tag-intelligence","tag-networks","tag-palo","tag-response","tag-xsoar"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/9909","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9909"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/9909\/revisions"}],"predecessor-version":[{"id":9910,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/9909\/revisions\/9910"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/9911"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9909"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9909"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9909"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}