Torrance, United States / California, June 11th, 2026, CyberNewswire
Criminal IP by AI SPERA, a cyber threat intelligence platform delivering decision-ready intelligence and attack surface visibility to security teams worldwide, participated in Infosecurity Europe 2026 at ExCeL London this week, marking the company’s second consecutive appearance at Europe’s leading cybersecurity event. Alongside live demonstrations of Criminal IP’s Attack Surface Management (ASM) capabilities, the company introduced AITEM (AI-based Threat Exposure Management), a conceptual framework representing the next evolution of exposure management in an era increasingly shaped by AI.
From Visibility to Action: Why ASM Must Evolve
Traditional ASM tools have served a critical purpose: helping organizations discover internet-facing assets like servers, domains, IP addresses, and admin panels, before attackers do. But discovery alone is no longer enough.
“Seeing a threat and responding to it are completely different challenges,” said Byungtak Kang, CEO of AI SPERA. “Building a safer cyber world requires a shift from visibility to action. Organizations today have more visibility than ever, fewer can effectively prioritize and act on the risks it reveals. By applying AI to filter noise, enrich context, and guide investigations, security teams can focus on the exposures that matter most and respond in real time, turning insight into meaningful action.”
The gap between detection and action has become even more critical as AI lowers the barrier for attackers. Automated scanning, published proof-of-concept exploit code, and AI-assisted vulnerability discovery mean that threat actors can identify and target exposed assets faster than ever.
In this environment, Criminal IP believes AI agents will increasingly assume repetitive operational tasks that consume security teams’ time today — collecting context, correlating information, and assisting with routine investigative processes — allowing analysts to focus on decision-making, prioritization, and response. This shift in the division of labor between humans and AI forms one of the core ideas behind AITEM.
Introducing AITEM: A Conceptual Framework for AI-Driven Threat Exposure Management
AITEM, as introduced by Criminal IP, envisions the integration of agentic AI into the full CTEM (Continuous Threat Exposure Management) operational cycle, moving beyond asset inventory to encompass threat prioritization, owner attribution, vulnerability impact analysis, and guided remediation.
Key capabilities envisioned under the AITEM framework include:
- Natural language security operations — Security teams directing workflows in plain language rather than manually configuring complex query logic or alert rules.
- Automated asset owner identification — When a new external asset is discovered, AI agents query internal systems such as Slack, Confluence, Jira, and email to trace ownership and responsible teams — eliminating one of the most time-consuming steps in ASM operations today.
- CVE impact triage — Rather than manually checking every new vulnerability, AI continuously monitors newly disclosed vulnerabilities and threat intelligence from global security sources, automatically mapping emerging CVEs to the organization’s live external asset inventory and surfacing only the exposures that require immediate attention.
- Shadow AI detection — As employees increasingly use unsanctioned AI services, those services become part of the organization’s attack surface. AITEM envisions monitoring for unauthorized AI tool usage through firewall log analysis and domain intelligence.
- Guided remediation — When immediate patching isn’t feasible, the system suggests mitigation paths: hardening configurations, disabling vulnerable components, or generating escalation tickets with context.
AITEM is not yet a formally defined industry category. It is a framework Criminal IP is introducing to describe where ASM must go, and what Criminal IP ASM is being built toward.
CEO Presentation: From Visibility to Threat Hunting
At Infosecurity Europe 2026, CEO Byungtak Kang delivered a case study session titled “From Visibility to Threat Hunting: A Case Study of AI-Driven Attack Surface Management” as part of the official conference program which was his second consecutive time representing at the event. Drawing from real-world examples, the session explored how threat intelligence and attack surface visibility can support faster investigation and more effective security operations. The introduction of AITEM expanded that conversation by asking what comes next.
The Broader Industry Shift
The direction Criminal IP is pursuing with AITEM aligns with trends observed across the global security industry. Even at the RSAC 2026, agentic AI, AI SOC, and shadow AI detection emerged as defining themes, with major vendors including Cisco/Splunk, Microsoft, and CrowdStrike all signaling a shift from siloed tools toward integrated, AI-driven security operations.
“The competition in ASM is no longer about who finds the most assets,” said Kang. “It will be about who can operate faster, respond more effectively, and mobilize the organization. AI should handle the repetitive analytical work. Humans should focus on judgment, accountability, and prioritization.”
About Criminal IP by AI SPERA
Criminal IP is a cyber threat intelligence solution operated by AI SPERA that provides decision-ready threat intelligence, and attack surface management solutions to security teams worldwide. By continuously scanning the global internet, Criminal IP aggregates and contextualizes threat signals across IPs, domains, URLs, and attack infrastructure, covering malicious indicators, known vulnerabilities, exposed assets, and attacker behavior. Criminal IP’s mission is to give organizations real visibility into their cyber landscape and accelerate threat detection and response by delivering the intelligence needed to outsmart attackers. For more information, users can visit www.criminalip.io
Contact
Michael Sena
AI SPERA
[email protected]
