Forrester Study: Expanding Attack Surface Requires Management | Download the study now

Use cases

Best Attack Surface Management and Internet Data

Censys Attack Surface Management (ASM) helps you reduce your Internet attack surface by continually discovering unknown assets and helping remediate security risks like publicly exposed databases and storage buckets. Censys Internet Data helps your threat hunting teams to understand attacker infrastructure.

Image of the Censys ASM Dashboard
Discover Unknown
Internet Assets
Comprehensive Inventory
Identify and
Remediate Internet Risks
Ensure Organizational

Discover Unknown Internet Assets

The cloud has enabled employees outside of IT to easily stand up Internet-facing servers and to host sensitive data on external providers. This ease of deployment enables companies to be innovative and agile, but unknown and unmanaged assets create security blind spots.

Censys continually learns how your organization operates by analyzing your known assets as well as by integrating with and inspecting your known cloud accounts. In turn, our discovery algorithms use these organizational and infrastructure insights to mine our industry-leading Internet scan and crawl data as well as external feeds (e.g., passive DNS, WHOIS, and business acquisition databases) to find vulnerable assets—including services, hosts, websites, storage buckets, and cloud accounts—that you don’t know about.


Maintain Comprehensive Inventory

Powered by our Internet discovery algorithm and integrations with popular cloud providers, Censys provides a unified, up-to-date inventory of all Internet assets that could pose risk to your organization, including traditional assets like servers, networks, and websites, modern cloud assets like storage buckets and containers, and third-party SaaS dependencies.

Censys Inventory helps analysts quickly understand assets’ configuration, ownership, history, and relationship to other organizational assets, as well as identify anomalous assets. Further, by integrating with cloud providers, Censys can label assets in known clouds and accounts, track publicly accessible cloud hosts across IP addresses, breakdown assets and risks by cloud provider, and provide pointers directly into misconfigured assets, so you can immediately fix security problems when they arise.


Identify and Remediate Risks

Censys helps you prioritize and remediate Internet risks by continually checking assets for egregious security problems, automatically feeding your existing best-of-breed vulnerability assessment, web security, and CSPM tools with new and changed assets, and identifying Internet weaknesses and misconfigurations that aren’t covered by traditional tools like expiring certificates, End-of-Life (EOL) software, and insecure TLS configurations.

Censys lets you create workflows that define what Censys does when we find different types of problems that range from creating a ServiceNow ticket to triggering a Qualys scan.

In addition, Censys enables you to immediately and comprehensively respond to severe vulnerabilities like Heartbleed and SolarWinds SUNBURST before attackers can complete their own Internet scans.


Cloud Governance

Cloud assets change hourly and a single misconfigured asset—like a storage bucket or database—can lead to a catastrophic data breach. There are hundreds of CSPM, CASB, and CWPP solutions on the market that help companies secure their cloud presence, but these tools share the same fundamental limitation — they only analyze managed cloud accounts in mainstream providers that you already know about.

Companies frequently have hundreds if not thousands of separate cloud accounts spanning dozens of providers, and, unsurprisingly, the assets with the worst security postures tend to be hosted in unmanaged accounts or by non-standard providers. Censys helps uncover unknown cloud accounts and projects, identify incorrectly configured cloud assets regardless of the account they’re in, and helps securely migrate assets to managed cloud accounts.


Ensure Organizational Compliance

Censys ensures that your organization stays in compliance with regimes like PCI-DSS by maintaining a comprehensive asset inventory, immediately uncovering problems that bring you out of compliance, and confirming that found issues are truly fixed. In addition to external compliance programs, Censys lets you define your own organizational policies (e.g.,cloud assets must be managed through Terraform).

Censys continually checks for policy violations, which allows you to proactively address problems before they become compliance failures, or worse, exploitable vulnerabilities. In addition, Censys provides leaders with actionable insights and reports on where their organization is succeeding or falling behind. Censys can outline the health of individual organizational units and cloud accounts/providers, and our high fidelity scan data can help leaders understand how to prevent future problems.

A flawed cloud migration effort at a major American financial institution in 2020 cost them $80M in compliance fines


Threat Intelligence

Investigations into advanced threat actors require a global perspective on Internet hosts and services to uncover and understand attacker infrastructure.

Censys continually scans the IPv4 address on over 2,500 ports from multiple global vantage points, and maintains the largest publicly searchable x.509 certificate repository in the world. Depending on your team’s needs, you can access or ingest our data via our web interface, API, or through raw data downloads to process on your own infrastructure.

Threat Intelligence