It’s no secret that managing threats is a game of cat and mouse. As attackers evolve and find new and creative ways to cause chaos, investing in adaptive technologies that constantly grow and learn becomes essential.
In that spirit, let’s dive into some of the new items that were delivered this past quarter to help Censys customers stay ahead of the curve.
Improving Coverage for Unmatched Visibility
Good enough data isn’t good enough. Censys maintains rigorous maintenance standards to ensure unmatched Internet Intelligence, and we continue to invest in ways to parse our data with greater efficiency and more context.
The IP WHOIS field has been added to the host asset schema in Search and BigQuery, enabling searchable IP WHOIS data. This addition allows customers to utilize WHOIS information in their queries and pivots to discover related infrastructure during investigations.
This offers a potentially valuable piece of metadata in asset enrichment workflows. It’s also available in the host asset schemas in Censys Attack Surface Management, enabling customers to search across, build aggregations for, and leverage WHOIS information in inventory and corresponding APIs.
Speaking of potentially valuable pieces of data, we’ve also improved hash coverage and TLS version enumeration through an upgrade to our scanning infrastructure. Users can now view and search for supported TLS versions.
Providing Deeper Insights and Context-Aware Capabilities
Let’s talk certs. Censys maintains the world’s largest x.509 certificate database — 15 billion and counting. With the release of Lite Certificates, we’ve introduced a new technique to remove numerous indexed fields from the search index after a certificate has expired. This significantly reduces the amount of data needed to be stored and queried across, leading to increased responsiveness, speed, and timeliness of certificate-related searches while still maintaining the most common fields used for searches.
Reinforcing our commitment to delivering comprehensive context, we’ve significantly enhanced our threat hunting capabilities with the integration of JA3S and JA3X fingerprints. These highly anticipated additions are pivotal for security teams, enabling the detection of similar TLS configurations and the identification of patterns in certificate generation. This advancement provides a more precise approach to fingerprinting. Equipping our customers with these detailed hashes, we’re empowering security teams with actionable intelligence, crucial for identifying and mitigating potential security threats more effectively.
Rapid Response Enhancements
“Celebrity vulnerabilities” refer to high-risk, critical vulnerabilities that attract widespread media attention and often leave security teams in a bind, requiring them to undertake extensive investigations. To address this challenge, the Censys Rapid Response program is designed to swiftly identify, research, and notify our customers about these high-visibility risks. Understanding the complexities involved in managing these critical exposures, we’ve enhanced our Rapid Response program with a vital new feature: email notifications.
This feature activates when a new critical vulnerability is added to Censys Attack Surface Management. Users immediately receive email notifications that not only detail the risk but also provide its context. Should this risk be detected on any of your assets, you’ll be automatically informed. This streamlined communication cuts down the mean-time-to-discovery for high-profile vulnerabilities from days to just hours. Empowering our users with up-to-the-minute, essential information, coupled with the ability to customize their alert settings, we ensure that our customers stay one step ahead of potential threats, combining maximum efficiency with minimal effort.
Innovating for Today and Tomorrow
The digital landscape is ever-changing, and so are the tactics of those who pose threats to it. At Censys, we understand that staying ahead in this game of digital cat and mouse means not just reacting to threats, but anticipating them. Our latest enhancements, from the more granular asset visibility to the Rapid Response email notifications, are all designed with this proactive stance in mind.
Our commitment is to be the one place to understand everything on the internet, transforming data into actionable intelligence. We’re not just a part of your cybersecurity strategy; we’re your partners in forging a path to a safer digital future. We’re excited to see how our innovations will empower your security teams and safeguard your digital landscape. If you’d like to learn more, feel free to schedule a personalized demo or contact us with any questions you may have.
