Skip to content
New Ebook: Get your copy of the Unleash the Power of Censys Search Handbook today! | Download Now
Blogs

Q3 2024 Product Release: New Tools to Address Vulnerabilities and Enhance Efficiency

Share

October 16, 2024

As cyber threats continue to evolve in both sophistication and scale, the tools security leaders rely on must evolve as well. Innovation is central to Censys’ mission, and we are committed to staying ahead of the curve with solutions tailored to today’s evolving digital landscape.

In Q3 2024, Censys introduced key advancements aimed at bolstering security teams’ ability to detect, prioritize, and remediate vulnerabilities, while also streamlining critical processes.

Discover, Prioritize, and Remediate Vulnerabilities

Vulnerabilities have become more than just a concern; they are a critical and persistent challenge for security teams worldwide. As of August 2024, 52,000 new CVEs had already been discovered, surpassing 2023’s record-breaking total of 29,000. This marks an 80% increase in just over half the year, underscoring the escalating scale of cyber threats.

CVEs pose some of the most dangerous risks to your attack surface, especially when exposed to the internet. Gaining visibility into these CVEs isn’t just about compliance—it’s a vital step in prioritizing and addressing the vulnerabilities that matter most.

CVE Context in Censys Search

The introduction of CVE Context in Censys Search enables security professionals to swiftly identify vulnerable hosts and evaluate their exposure to the internet, through either the UI or API.

With comprehensive details like CVE ID, Attack Complexity, Attack Vector, Privileges Required, CVSS score, and KEV info, CVE Context in Censys Search empowers our customers to gain critical insights, understand attack vectors, prioritize fixes, and reduce risks efficiently.

Key Benefits:

  • Identify Vulnerabilities: Detect hosts running outdated software and prioritize associated risks.
  • Enhance Research: Analyze attack surfaces and trends to develop proactive defenses.
  • Stay Current: Monitor software updates to respond rapidly to known threats.
  • Protect Systems: Secure IT and OT environments, safeguarding essential services.

Censys discovers 3x more hosts with CVEs than the nearest competitor, delivering unmatched visibility into exposures across the internet infrastructure.

 

Download the one-pager: https://censys.com/cve-context-in-censys-search/

CVEs as Risks in Censys ASM

For a broader view, Censys ASM now proactively detects CVEs across your entire attack surface, giving security teams a comprehensive understanding of all externally facing software vulnerabilities. These risks are seamlessly integrated into the existing risk framework, allowing your team to prioritize the most critical CVEs and address them through downstream integrations. By identifying vulnerabilities linked to specific assets and prioritizing risks based on exposure levels, teams can focus on the most urgent threats, optimizing response times and resource allocation.

Key Benefits:

  • Advanced Prioritization: Identify and categorize risks based on the most critical vulnerabilities, using metrics such as CVSS scores and KEV to assess severity and exploitability.
  • Proactive Defense: Remediate vulnerabilities before they lead to breaches, leveraging automated workflows and critical vulnerability insights.
  • Targeted Remediation: Pinpoint the software version linked to each CVE, enabling efficient patching by addressing a single software version instead of multiple CVEs.

With CVEs as Risks, Censys not only discovers assets but also streamlines vulnerability management, allowing you to prioritize, validate, and remediate external vulnerabilities with confidence.

 

Streamline, Automate, and Integrate Your Ecosystem

Security teams are inundated with a flood of alerts from disconnected tools, creating inefficiencies that slow down response times and contribute to significant burnout. In fact, over 60% of security leaders report high levels of mental and physical exhaustion.

To address this, streamlining, automating, and integrating trusted alerts is not just about operational efficiency—it’s critical for protecting both the business and the well-being of the professionals safeguarding it. Censys’ latest innovations help unify workflows and automate critical tasks, allowing security teams to focus on the most pressing threats while alleviating stress and fatigue.

Saved Query Automation

In cybersecurity, time is one of the most valuable resources, and Saved Query Automation in Censys ASM ensures your team acts on relevant data faster. This feature allows security teams to automate queries and receive timely alerts based on specific threat conditions, ensuring that only critical changes trigger notifications. Whether it’s an unauthorized RDP service activation or newly exposed assets, you’ll receive immediate alerts on the most critical changes, facilitating rapid response.

Key Highlights:

  • Customized Alerts: Set up alerts for specific queries across cloud and on-prem environments to focus on what matters most.
  • Continuous Monitoring: Monitor your entire attack surface with hourly updates, ensuring rapid detection of asset, risk, and vulnerability changes.

With Saved Query Automation, you can rest assured that vulnerabilities are continuously monitored and flagged without manual effort, allowing your team to concentrate on high-priority threats.

ServiceNow Partnership

As an established partner of ServiceNow, Censys is proud to now offer three key integrations–ServiceNow Information Technology Service Management (ITSM), Vulnerability Response (VR), and Configuration Management Database (CMDB). With over 7,700 customers, including approximately 85% of Fortune 500® companies, ServiceNow is an essential part of the security ecosystem. Our integration with ServiceNow’s tool stack is designed to enhance efficiency and empower security teams to take action faster.

ServiceNow CMDB Integration

Our newest addition, the ServiceNow CMDB integration with Censys ASM bridges the gap between external and internal assets, offering a unified view of an organization’s entire IT environment. Automatic synchronization of Censys-discovered assets with ServiceNow CMDB ensures that all internet-facing assets, including shadow IT, are accurately represented. This enhanced visibility enables better risk management and more effective incident response.

Key Benefits:

  • Sync Externally Facing Shadow IT: Ensure your IT team manages all externally discovered assets by seamlessly integrating shadow IT into the CMDB.
  • Automate Digital Infrastructure Mapping: Map your entire digital infrastructure—including IPs, web entities, domains, storage buckets, and certificates—into the CMDB, eliminating the manual effort of piecing everything together.
  • Daily Updates: Stay up-to-date with daily asset discoveries, ensuring accurate tracking of assets in ServiceNow CMDB.

This integration extends ServiceNow’s CMDB capabilities by incorporating external assets into your system of record, helping you maintain a secure and comprehensive IT environment.

ServiceNow VR Integration

The ServiceNow Vulnerability Response integration enables Censys ASM to sync discovered vulnerabilities and exposures, allowing security teams to prioritize risks and accelerate remediation. By mapping Censys’ severity metrics and risk details to ServiceNow Vulnerable Items, teams can focus on the most pressing threats and ensure that risks are accurately tracked and resolved within ServiceNow.

Key Benefits:

  • Accelerated Remediation: Seamlessly sync vulnerabilities from your attack surface to ServiceNow VR for quicker response times.
  • Risk Prioritization: Map Censys’ risk severity to ServiceNow scoring, ensuring the most critical vulnerabilities are addressed first.
  • Seamless Integration: Maintain a single source of truth across both external and internal assets, reducing the manual effort of data transfer.

This integration continuously monitors and addresses vulnerabilities on your attack surface using ServiceNow’s robust remediation workflows.

ServiceNow ITSM Integration

The ServiceNow ITSM integration with Censys ASM allows security teams to reduce the time it takes to remediate exposures and critical risks. By enabling users to create incidents directly from the platform, this integration ensures vulnerabilities are not only discovered but acted on swiftly. Critical context—such as risk level, asset details, and incident information—flows seamlessly into ServiceNow to simplify the remediation process.

Key Benefits:

  • Incident Management: Create incidents directly in ServiceNow ITSM, including detailed asset and risk data.
  • Efficient Risk Tracking: Continuously synchronize incidents and updates between the platforms for streamlined vulnerability tracking.

This integration empowers teams to respond faster, ensuring that exposures are properly managed and that no issue falls through the cracks.

 

Watch the Webinar: Integrating Asset and Cyber Risk with Censys & ServiceNow: https://go.censys.com/IntegratingAssetandCyberRisk_Thank-You.html

Experience the Censys Difference

As the threat landscape continues to expand, the need for innovative, integrated solutions has never been more critical. Censys remains committed to providing security teams with the visibility, automation, and actionable insights they need to defend their organizations against emerging risks.

Schedule a demo today to experience these new features in action.

 

About the Author

Alexa Slinger
Director of Product Marketing
With over a decade of cybersecurity experience in B2B SaaS, Alexa is passionate about blending customer-centricity with technical expertise to create strategies that empower security teams.

Similar Content

View All Similar Content
Back to Resources Hub
Attack Surface Management Solutions
Learn more