Censys State of Threat Hunting Report

Additional Info

Company size (employees)100 to 499
Headquarters RegionNorth America
Type of solutionSoftware


Threat hunting has traditionally been the focus of solo experts with the time and interest to hone their craft. However, today threat hunting is increasingly part of corporate cybersecurity programs, tasked to practitioners with competing job priorities.

What does threat hunting look like for these front line defenders on corporate teams? How are these threat hunters navigating the challenges of a shifting threat landscape?

To find out, Censys surveyed over 200 corporate security practitioners with threat hunting responsibilities across organizations in the United States and Europe to develop its 2024 State of Threat Hunting Survey.

Key Findings Include:
-Threat hunting practices vary significantly. The majority of respondents (80%) are still using traditional security monitoring tools. However, 50% of North American threat hunters have adopted automated tools like ASM.
-AI is a promising addition. Seventy-five percent of respondents say that in the last year, they’ve found AI tools “very helpful.”
-False positives pose a formidable challenge. Nearly one-third of respondents say that more than 20% of their findings are false positives.
-Stakeholder communication is a challenge. Less than 50% of respondents feel confident reporting negative findings to Legal or PR teams.

You can view the full report findings here: https://censys.com/2024-state-of-threat-hunting-report/.

Key Capabilities / Features

-Continuous Internet Asset Discovery and Inventory
Censys ASM discovers unknown and unmanaged internet-facing assets — including services, hosts, websites, storage buckets, and cloud accounts — across all clouds and networks in real time. The foundation of ASM lies in the initial and ongoing discovery of internet-facing assets and risks. To find unknown assets, Censys ASM continuously trawls internet data sources such as Certificate Transparency logs, passive DNS sinks, and internet scans to uncover assets that you own. Censys discovers unknown and unmanaged internet-facing assets in real time.

-Risk Detection and Remediation
There are too many factors to your data and assets to keep it all straight, up-to-date, and accounted for – mismanaged cloud configurations, expiring certificates, aging and vulnerable properties, etc. Through Censys’ industry-unmatched algorithmic discovery and automated attribution, we're always on, always seeing, always helping

How we are different

-Censys provides the widest range of internet scanning data available across 85% more devices compared to competitors. We scan the top 137 ports and the top 1440 ports in the cloud on a daily basis, while refreshing all known services within a 24 hour time frame.

-The internet has revolutionized how we communicate, share information, and do business. Without Censys’ visibility into your assets, protecting digital systems is a guessing game.

-We consistently conduct research to benefit the industry. From our State of the Internet Report to ongoing research into geopolitical concerns and regions, our data helps inform and protect government agencies, Fortune 500 companies and global enterprises.