You can include the end user's IP address in both synchronous and asynchronous scan requests to enhance threat correlation and incident response capabilities. A new `user_ip` field has been added to the scan request metadata schema, allowing you to incorporate the originating IP address of the end user in both synchronous and asynchronous scan requests. The `user_ip` field provides crucial context for security analysis. Understanding the source IP address of an end user involved in a scan significantly enhances your ability to correlate threats and streamline incident response.