AI-based threat intelligence platform Criminal IP has begun integration with OpenCTI. This integration allows OpenCTI users to directly leverage Criminal IP's threat intelligence within their existing CTI workflows, without needing to search for information individually. A key feature of this integration is its ability to analyze threats not just by managing individual IOCs, but by including contextual information such as related infrastructure and risk data. This supports more practical CTI operations by improving the efficiency of security teams' investigations and decision-making. ■ Threat intelligence only gains value when it has "context" In Cyber Threat Intelligence (CTI), individual indicators often do not provide sufficient grounds for decision-making. The integration of Criminal IP and OpenCTI enables security teams to transform individual indicators like IP addresses, domains, and URLs into structured, actionable intelligence within OpenCTI's knowledge graph. This integration automatically enriches indicators with Criminal IP's reputation scores, infrastructure information, vulnerability data, behavioral signals, and phishing analysis results. The enriched information is structured as entities and relationships within OpenCTI, allowing for more efficient investigation of related infrastructure and prioritization of high-risk indicators. ■ Key Integration Features A screen within OpenCTI that displays Criminal IP's enrichment results for IP addresses, allowing users to view risk scores and behavioral metrics. Context-based risk scoring beyond simple reputation. Criminal IP provides risk scores from two perspectives: inbound and outbound. This allows for a multifaceted understanding of how a specific IP address is being targeted and what behavior it exhibits externally. Compared to traditional single-score reputation assessments, it provides more detailed grounds for decision-making, making it easier for analysts to accurately identify high-risk infrastructu