Torrance, United States / California, June 11th, 2026, CyberNewswire
Criminal IP, a prominent cyber threat intelligence platform developed by AI SPERA, made its mark this week at Infosecurity Europe 2026, taking place at ExCeL London. This event marked the company’s second consecutive participation in Europe’s leading cybersecurity gathering. The platform is recognized for delivering actionable intelligence and comprehensive visibility into attack surfaces for security teams globally.
During the event, Criminal IP showcased live demonstrations of its robust Attack Surface Management (ASM) capabilities. Furthermore, the company introduced AITEM (AI-based Threat Exposure Management), a forward-thinking framework aimed at redefining exposure management in a rapidly evolving AI landscape.
From Visibility to Action: The Evolution of ASM
Traditional Attack Surface Management tools have played a pivotal role in helping organizations uncover critical internet-facing assets—such as servers, domains, IP addresses, and administration panels—before malicious actors can exploit them. However, merely discovering these assets is increasingly deemed insufficient.
CEO Byungtak Kang articulated this pressing challenge succinctly: “Recognizing a threat and responding to it are fundamentally different challenges.” He emphasized that the journey towards a safer cyber landscape necessitates a pivotal transition from mere visibility to proactive action. Organizations are equipped with unprecedented visibility into their cyber environments, yet many struggle to effectively prioritize and act on the identified risks. Kang highlighted that leveraging AI can help security teams filter out unnecessary noise, enrich contextual understanding, and direct their investigations. This, in turn, allows them to concentrate on the most significant exposures and respond in real-time, transforming insights into decisive actions.
As the capabilities of AI lower the barrier for attackers, the divide between detection and response becomes increasingly pronounced. Today’s threat actors benefit from automated scanning, publicly available proof-of-concept exploit code, and AI-enhanced vulnerability identification, allowing them to target exposed assets with alarming speed.
In light of these developments, Criminal IP advocates the growing role of AI agents in managing repetitive operational tasks—such as gathering context, correlating information, and assisting in routine investigative processes. By doing so, these AI agents empower security analysts to focus on high-level decision-making, prioritization, and response strategies. This paradigm shift in task distribution between humans and AI represents a cornerstone of the AITEM framework.
AITEM: The Future of AI-Driven Threat Exposure Management
The AITEM framework, as articulated by Criminal IP, aspires to weave agentic AI throughout the entire Continuous Threat Exposure Management (CTEM) operational cycle. It aims to extend beyond mere asset inventory, ambitiously including threat prioritization, accountability for asset ownership, vulnerability impact analysis, and guided remediation.
Some of the notable features proposed under the AITEM framework include:
-
Plain Language Security Operations: Security teams can manage workflows using straightforward language, significantly reducing the complexity often associated with configuring intricate query logic or alert rules.
-
Automated Asset Owner Identification: When a new external asset is detected, AI agents will query internal communication platforms like Slack, Confluence, and Jira to trace ownership and identify responsible teams, addressing one of the most time-consuming aspects of ASM today.
-
CVE Impact Triage: Instead of requiring manual checks for every new vulnerability, AI systems will continuously monitor vulnerability disclosures and threat intelligence from global security sources, automatically mapping newly reported vulnerabilities to the organization’s real-time external asset inventory and highlighting those that demand immediate attention.
-
Shadow AI Detection: With the growing adoption of unauthorized AI tools within organizations, these services inadvertently form part of the attack surface. AITEM plans to monitor their usage through firewall log analyses and domain intelligence.
- Guided Remediation: When instant patching isn’t feasible, the framework will suggest paths for mitigation, including configuration hardening, disabling vulnerable components, or generating escalation tickets equipped with relevant context.
While AITEM is not yet formally classified as an industry standard, it serves as a conceptual roadmap for the future direction of ASM and the evolution of Criminal IP’s capabilities.
CEO Presentation: A Case Study in Action
At Infosecurity Europe 2026, CEO Byungtak Kang delivered an insightful presentation titled “From Visibility to Threat Hunting: A Case Study of AI-Driven Attack Surface Management.” This was his second consecutive appearance at the event, where he shared real-world scenarios illustrating how threat intelligence and asset visibility can enhance investigative efficiency and improve security operations. The introduction of AITEM offered a forward-looking perspective, focusing on the future trajectory of these vital discussions.
The Broader Industry Shift
The trajectory that Criminal IP is pursuing with AITEM aligns with wider trends in the global security landscape. Notably, during the recent RSAC 2026, themes such as agentic AI, AI Security Operations Centers (SOC), and shadow AI detection were highlighted, with major players like Cisco/Splunk, Microsoft, and CrowdStrike indicating a shift away from isolated tools toward integrated, AI-driven security solutions.
Kang underscored this competitive shift in ASM, stating, “The competition in ASM is no longer about who finds the most assets. It will hinge on who can operate faster, respond more effectively, and mobilize the entire organization.” He emphasized that AI should take charge of repetitive analytical tasks, thereby allowing human analysts to concentrate on judgment, accountability, and strategic prioritization.
About Criminal IP by AI SPERA
Criminal IP serves as a leading cyber threat intelligence solution developed by AI SPERA, specializing in providing actionable threat intelligence and attack surface management solutions to security teams on a global scale. The platform continuously scans the global internet, aggregating and contextualizing vital threat signals related to IPs, domains, URLs, and attack infrastructures. This includes tracking malicious indicators, known vulnerabilities, exposed assets, and the behaviors of attackers.
The mission of Criminal IP is to empower organizations with genuine insights into their cyber landscapes, expediting threat detection and response through the delivery of crucial intelligence needed to outmaneuver potential attackers. For more information, interested parties are encouraged to visit www.criminalip.io.
Contact Information
Michael Sena
AI SPERA
Email