Criminal IP ASM
Threat intelligence software
Attack surface management software
Risk-based vulnerability management software
System security software
Vulnerability management software
- Features
- Ease of use
- Ease of management
- Quality of support
- Affordability
- Market presence
Take the quiz to check if Criminal IP ASM and its alternatives fit your requirements.
Free TrialFree version
Small
Medium
Large
-
What is Criminal IP ASM
Criminal IP ASM is an external attack surface management product that helps security teams discover and monitor internet-facing assets and exposures associated with an organization. It is used by security operations, vulnerability management, and risk teams to identify externally observable services, misconfigurations, and potential entry points. The product emphasizes asset discovery and enrichment using internet scanning and threat-intelligence-style context to support prioritization and remediation workflows.
External asset discovery focus
The product is designed around identifying internet-exposed assets such as domains, IPs, and services that may not be fully captured in internal CMDB or endpoint inventories. This supports use cases like shadow IT discovery, third-party exposure review, and continuous monitoring of perimeter changes. For organizations with frequent cloud and SaaS changes, this external-first approach can reduce blind spots compared with tools that rely primarily on internal agents.
Enriched exposure context
Criminal IP ASM pairs discovered assets with contextual signals intended to help analysts understand what is exposed and why it matters. This can include service fingerprints and other metadata that supports triage and investigation. Enrichment helps teams move from raw scan results to actionable remediation tasks without manually correlating multiple sources.
Continuous monitoring workflows
Attack surface management requires ongoing change detection, and the product is positioned to support continuous identification of newly exposed assets and services. This is useful for security operations teams that need recurring visibility rather than point-in-time assessments. Continuous monitoring can also support governance processes such as M&A onboarding and periodic vendor exposure reviews.
Limited internal visibility
As an external ASM product, it primarily observes what is reachable from the public internet and may not cover internal vulnerabilities, endpoint posture, or east-west traffic risks. Organizations typically still need internal vulnerability scanning and configuration management to achieve full coverage. This can increase toolchain complexity when teams expect a single platform to manage both internal and external risk.
Prioritization depends on tuning
Risk-based prioritization in ASM often requires organization-specific context such as asset criticality, ownership, and business impact. Without strong integration to asset inventories and ticketing/ITSM, teams may need manual tagging and workflow tuning to reduce noise. This can slow time-to-value for organizations with immature asset management processes.
Vendor details not well verified
Publicly verifiable corporate information for the seller behind Criminal IP ASM is not consistently available across authoritative sources. This can complicate procurement steps such as vendor due diligence, security questionnaires, and contract review. Buyers may need to request formal documentation (e.g., legal entity name, HQ address, and compliance attestations) directly from the vendor.
Plan & Pricing
| Plan | Price | Key features & notes |
|---|---|---|
| Free membership | $0 (Free) | Search 500 banners & 100 IP addresses/month; Search 100,000 URLs & scan 10,000 URLs/month; IP addresses, Domain Threat Score; most Search & Intelligence features available (some exclusions e.g., Exploit Search, Banner Explorer, Vulnerability); intended for non-paying users. |
| Lite | Not publicly listed on pricing page | Search ~1,000,000 banners & 100,000 IP addresses/month; Search 100,000 URLs & scan 10,000 URLs/month; All Search and Intelligence features; general filters. Price available on Criminal IP pricing page / purchase online. |
| Medium | Not publicly listed on pricing page | Search ~20,000,000 banners & 1,000,000 IP addresses/month (credit allocations revised in 2025); Search 600,000 URLs & scan 30,000 URLs/month; Domain Private Full Scan; additional filters and download results. |
| Pro | Not publicly listed on pricing page | Unlimited (historically) or very large search credits for banners/IPs; Search 2,000,000 URLs & scan 80,000 URLs/month (subject to credit policy updates); Full Search & Intelligence features incl. Vulnerability filters, Domain Private Full Scan, Download Results, Criminal IP ASM manual asset registration. |
| Enterprise | Custom pricing / Contact sales | Unlimited data access, SSL Scanning, Real IP Detection, Criminal IP ASM, OSINT Detection, multiple accounts & API keys, 1:1 support and customization; commercial use allowed. |
Notes: Criminal IP documents plans and feature/credit allocations on its official site but does not publicly list numeric subscription prices on the accessible pricing pages (pricing/purchase is available online for Lite/Medium/Pro but specific currency amounts were not found on the public pages during this review). Paid plans can be purchased online (credit/debit cards, PayPal). Credit allocations and plan structure have been revised several times (2024–2025) and Criminal IP has announced further consolidation of plans in 2025–2026. Please contact Criminal IP or log in to the official Pricing page/account to view up-to-date monetary rates.
