Censys has a new SaaS platform! Learn More about our attack surface management platform.

Menu

Ready to Get
Started?

Request a Demo or

Sally Feller

Introducing Relational Database Scanning

by Sally Feller · June 18th, 2018
To help organizations investigate and monitor whether they’ve mistakenly exposed databases, we're adding scanning for four popular relational database servers: MySQL, PostgreSQL, Microsoft SQL Server, and Oracle Database.

Announcing Censys Paid Plans

by Sally Feller · January 25th, 2018
Last summer, Censys began a new chapter: we graduated from the University of Michigan and became a company. This transition will help Censys become an even more powerful tool for securing devices and networks, and it allows us to offer Censys to businesses and enterprises for the first time. Today, we’re introducing Censys Basic, Censys Pro, and Censys Enterprise paid plans, which allow commercial use and include technical support.

The FREAK Attack

by Sally Feller · March 3rd, 2015
On Tuesday, March 3, 2015, researchers announced a new SSL/TLS vulnerability called the FREAK attack. It allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption, which the attacker can break to steal or manipulate sensitive data. This site is dedicated to tracking the impact of the attack and helping users test whether they’re vulnerable.

The POODLE Attack and Tracking SSLv3 Deployment

by Sally Feller · October 4th, 2014
On Tuesday, October 14, 2014, Google released details on the POODLE attack, a padding oracle attack that targets CBC-mode ciphers in SSLv3. The vulnerability allows an active MITM attacker to decrypt content transferred an SSLv3 connection. While secure connections primarily use TLS (the successor to SSL), most users were vulnerable because web browsers and servers will downgrade to SSLv3 if there are problems negotiating a TLS session.

Heartbleed Bug Health Report

by Sally Feller · April 7th, 2014
The Heartbleed Bug is a vulnerability in the OpenSSL cryptographic library that allows attackers to invisibly read sensitive data from a web server. This potentially includes cryptographic keys, usernames, and passwords. More information and frequently asked questions can be found in the initial disclosure.

Ready to Get Started?

Get a real-time view of all your organization's assets so you can proactively prevent threats.