Censys Threat Hunting

Additional Info

CompanyCensys
Websitehttps://censys.com/
Company size (employees)100 to 499
Headquarters RegionNorth America
Type of solutionSoftware

Overview

Censys leads the industry in global scanning capabilities to provide the largest, most comprehensive, and up-to-date dataset of internet intelligence available.
Threat hunters are faced with new attacks, vulnerabilities, and threats daily.

Cyber threats are one of the most dangerous risks facing government leaders and organizations across the globe. Threat hunting requires access to accurate, updated, complete, data. However, lack of visibility and actionable context that exists across vendors today creates blind spots.

With Censys, threat hunters have access to the data required to identify unknown attack methods that could have dire consequences to critical infrastructure and networks across the globe. Our highly structured data enables threat hunters to identify unique characteristics of attacker-controlled infrastructure and easily locate hosts given known IoCs. We continually update known services every day to help track rapidly changing infrastructure.

With Censys threat hunting, organizations can:
-Stay ahead of the evolving threat landscape
-Uncover critical vulnerabilities
-Perform a deep dive to easily pivot investigations
-Prioritize cyber capabilities

Key Capabilities / Features

Censys provides organizations with unmatched threat intelligence:


-Continuous Internet Asset Discovery and Inventory
Censys ASM discovers unknown and unmanaged internet-facing assets — including services, hosts, websites, storage buckets, and cloud accounts — across all clouds and networks in real time. The foundation of ASM lies in the initial and ongoing discovery of internet-facing assets and risks. To find unknown assets, Censys ASM continuously trawls internet data sources such as Certificate Transparency logs, passive DNS sinks, and internet scans to uncover assets that you own. Censys discovers unknown and unmanaged internet-facing assets in real time.


-Risk Detection and Remediation
There are too many factors to your data and assets to keep it all straight, up-to-date, and accounted for – mismanaged cloud configurations, expiring certificates, aging and vulnerable properties, etc. Through Censys’ industry-unmatched algorithmic discovery and automated attribution, we're always on, always seeing, always helping.


How we are different

-Censys provides superior coverage, faster time to discovery, and fewer false positives than its competitors: Censys continuously scans the IPv4 address space on over 3,500 ports from multiple global perspectives to produce the richest, most accurate representation of hosts and services on the Internet and the world’s largest searchable X.509 certificate repository. For context, its nearest competitor scans around 1,500 ports. To help provide Censys’ capabilities to any size threat hunting team, Censys recently launched its Censys Tier System, which caters to the various security needs of organizations.


-Superior Coverage: Through independent analysis, Censys found it can identify 26% more running services than its nearest competitor. This superior coverage provides a complete view of hosts, driving more accurate threat research and intelligence development


-Faster Discovery and Fewer False Positives: The independent analysis also found that Censys scanners can discover new assets faster than any other product on the market; hosts are found within an hour of when they are placed online. While Censys competitors returned many results for any given search, the analysis found numerous false positives when comparing them to the results from a third party scan against the same set of hosts. Censys is 12% more accurate than its competitors.