The most valuable features I found include : The ability to add a vulnerability report Support for STIX and TAXII Threat Feed Manager- While viewing X-Force reports, users can enrich IP, URL and malware reports using threat intelligence So suppose you're investigating an a possible threat and you just found that there is an offense that is saying, one of your users had access to some honey port defined address You can quickly leverage X-Force to help you by doing an X-Force exchange look-up quickly. If you have an aspect of interest, such as an email, file , vulnerability data for, you can leverage X-Force to understand this in-depth.