The Leading Internet Intelligence Platform for Threat Hunting and Exposure Management. Censys empowers security teams with the most comprehensive, accurate, and up-to-date map of the internet to defend attack surfaces and hunt for threats. What is Censys? Censys is a platform that helps information security practitioners discover, monitor, and analyze devices that are accessible from the Internet. We regularly probe every public IP address and popular domain names, curate and enrich the resulting data, and make it intelligible through an interactive search engine and API. Enterprises use Censys to understand their network attack surfaces. CERTs and security researchers use it to discover new threats and assess their global impact. Censys was founded by computer scientists at the University of Michigan, and data we collect has been used in hundreds of scientific papers by researchers around the world. The threat environment is rapidly evolving and bad actors are adjusting their tactics at alarming rates. As a result, today’s organizations need to be vigilant in order to protect themselves and their customers from harmful breaches. With Censys, organizations can get the most accurate data available, enabling teams to take down threats as close to real-time as possible. Censys Scanning and Data Collection One way that Censys finds publicly-reachable devices is by using Internet-wide scanning. We make a small number of harmless connection attempts to every IPv4 address worldwide each day. When we discover that a computer or device is configured to accept connections, we follow up by completing protocol handshakes to learn more about the running services. We never attempt to bypass any technical barriers, exploit security problems, or otherwise access non-public-facing services, and we follow community best practices to reduce any burden on remote networks. The only data we receive is information that is publicly visible to anyone who connects to a particular address and port. For technical information about the kinds of data Censys collects, visit our data definitions page. Censys scans the Internet from the subnets listed on this page, which you can allowlist or blocklist if you wish. We sometimes make follow-up connections from other machines at dynamic IP addresses, but blocking the addresses above is sufficient to prevent your device from appearing in our IPv4 dataset. Censys data is sometimes used by researchers and network administrators to detect security problems and alert the operators of vulnerable systems. If you block our scans, you might not receive these important security notifications. About Censys Censys Attack Surface Management Platform The ASM platform leverages Censys’ Internet-wide scan data with other tools to map the entirety of an organization’s digital presence, including traditional on-premise assets and ephemeral cloud-hosted services. In the web app and via API, customers can track changes to their network, investigate risks, and improve their security posture. ASM platform pricing is based on the size of an organization’s network. Censys Search 2.0 Censys Search is the most prestigious Internet-wide scan data on the market: with datasets representing the entire IPv4 address space, the largest IPv6 inventory, game-changing name-based scanning breakthroughs, and the largest certificate repository in existence. In addition to accessing data through the web search or via the API, higher-tier accounts have access to Censys data as a Google BigQuery dataset that customers can load and query, and raw JSON data files that customers can download. A download link for the latest version of these files is provided through the Censys Data API. Access Censys’s Datasheet HERE. Access Censys’s White Paper HERE.
