Criminal IP Showcases AI‑Driven Threat Intelligence & Attack Surface Management at Infosecurity Europe 2026
What Happened – Criminal IP returned to the Infosecurity Europe 2026 conference to unveil a new suite of AI‑powered threat‑intelligence (TI) and attack‑surface‑management (ASM) tools. The vendor highlighted automated workflow capabilities while emphasizing safeguards against prompt‑injection and data‑leak risks.
Why It Matters for TPRM –
- AI‑driven TI/ASM can accelerate third‑party risk detection but introduces novel attack vectors (e.g., model poisoning).
- Vendors that embed generative AI must be vetted for prompt‑validation controls and data‑handling policies.
- Early awareness of emerging security‑automation solutions helps organisations benchmark their own risk‑management stack.
Who Is Affected – Enterprises across all sectors that rely on external threat‑intel feeds, MSSPs, and security operations centers (SOCs).
Recommended Actions –
- Review Criminal IP’s AI‑security controls and request evidence of prompt‑injection mitigation.
- Map the new AI‑driven capabilities against existing TPRM frameworks (e.g., NIST SSDF, ISO 27001).
- Pilot the solution in a low‑risk environment before full deployment.
Technical Notes – The presentation focused on AI agents that ingest open‑source intel, enrich it with proprietary feeds, and automatically generate remediation recommendations. No specific CVEs were disclosed, but the vendor warned that improper prompt handling could lead to data exfiltration or model manipulation. Source: HackRead