March 9, 2026

Summary

Platform users with access to the Critical Infrastructure module can use the new Critical Infrastructure dashboard to quickly pivot through a filterable view of ICS/OT assets and data identified by Censys scans.
Add Censys Platform data enrichment to your security workflows using new integrations with OpenCTI and CyWare.
Gain a better picture into host history using the new get service history for a host Platform API endpoint .
Use new extracted_text data in the Platform to find assets with screenshots that include keywords like vendor or product names, login interfaces, and more.
Added several new Platform fingerprints and ASM risk fingerprints, including Cisco Catalyst SD-WAN Manager, Gogs, Gitea, Raspberry Shake, numerous Nagios services, and more.

Platform

Users with access to the Critical Infrastructure module can use the new Critical Infrastructure dashboard to quickly pivot through a filterable view of ICS/OT assets and data identified by Censys scans.
- Use the dashboard to find assets of interest based on location, vendor, product name, protocol, text extracted from screenshots, and more. Learn more in the documentation.
Use new integrations to add Censys data enrichment to hosts, domains, certificates, and more to OpenCTI and CyWare.
- These integrations were developed and are maintained by OpenCTI and CyWare, respectively.
Leverage the new get service history for a host API endpoint to retrieve time ranges during which services were detected on the host.
- This is similar to the host services timeline in the Platform web UI.
Use new extracted_text data on services and endpoints to find assets with screenshots that include keywords like vendor or product names, login interfaces, and more. This data can be found in the following new fields:
- host.services.screenshots.extracted_text
- host.services.endpoints.screenshots.extracted_text
- web.endpoints.screenshots.extracted_text
- extracted_text data is only available to users on the Core or Enterprise plans.

New fingerprints

Added the following fingerprints.

Note that new ASM risk fingerprints may be disabled by default in your workspace. Reference your risk type configuration in the ASM web console to review new risk types.

Type	Name	Description	Query
risk	Exposed Fast Reverse Proxy (FRP) Server	An exposed Fast Reverse Proxy (FRP) server dashboard has been detected. FRP is an open-source reverse proxy tool that allows users to expose internal services through NAT or firewalls to the internet without authorization. When deployed without IT approval, FRP constitutes shadow IT and creates significant security risks: it bypasses firewall controls, exposes internal services without proper security review, and has been observed being used by threat actors as a command-and-control tunneling mechanism.	ASM query: risks.name: `Exposed Fast Reverse Proxy (FRP) Server`
risk	Exposed Gogs Application	This is an exposed HTTP service running Gogs. This self-hosted Git service often contains source code repositories, user credentials, and CI/CD configurations. The sensitive nature of the information contained in this application makes it a target.	ASM query: risks.name: `Exposed Gogs Application`
risk	Exposed Gitea Application	This is an exposed HTTP service running Gitea. This self-hosted Git service often contains source code repositories, user credentials, and CI/CD configurations. The sensitive nature of the information contained in this application makes it a target.	ASM query: risks.name: `Exposed Gitea Application`
risk	Exposed Nagios Fusion Application	A Nagios Fusion application is exposed to the internet. Nagios Fusion is a multi-server management platform that provides a unified view of monitoring servers. Exposure may allow unauthorized access to centralized monitoring management.	ASM query: risks.name: `Exposed Nagios Fusion Application`
risk	Exposed Nagios Log Server Application	A Nagios Log Server application is exposed to the internet. Nagios Log Server is a centralized log management platform that can contain sensitive operational data. Exposure may allow unauthorized access to log data.	ASM query: risks.name: `Exposed Nagios Log Server Application`
risk	Exposed Nagios Network Analyzer Application	A Nagios Network Analyzer application is exposed to the internet. Nagios Network Analyzer is a netflow and bandwidth monitoring tool that provides network traffic visibility. Exposure may allow unauthorized access to network analytics.	ASM query: risks.name: `Exposed Nagios Network Analyzer Application`
risk	Exposed Nagios Core Application	A Nagios Core application is exposed to the internet. Nagios Core is an open-source monitoring platform that provides infrastructure monitoring and alerting. Exposure may allow unauthorized access to monitoring data.	ASM query: risks.name: `Exposed Nagios Core Application`
risk	Exposed Nagios Cross Platform Agent Application	A Nagios Cross Platform Agent (NCPA) application is exposed to the internet. Nagios Cross Platform Agent (NCPA) is a cross-platform monitoring agent that provides system metrics and remote management capabilities. Exposure may allow unauthorized access to system metrics and agent management.	ASM query: risks.name: `Exposed Nagios Cross Platform Agent Application`
risk	Exposed Nagios XI Application	A Nagios XI application is exposed to the internet. Nagios XI is an enterprise monitoring platform that provides infrastructure visibility and alerting. Exposure may allow unauthorized access to monitoring data and system management.	ASM query: risks.name: `Exposed Nagios XI Application`
software	N-able Take Control	N-able Take Control is a remote support solution that can give users access to Windows, Mac, Linux, and mobile devices.	Platform query
software	GrowthBook	GrowthBook is the an open-source platform for feature flagging and experimentation.	Platform query
hardware	Coslat Firewall	This is a Coslat Firewall instance.	Platform query
software	Blackboard Transact Suite	Blackboard Transact Suite is a cloud-based campus management solution used in higher education for integrated payments, security, and commerce.	Platform query
software	Zoho Meeting	Zoho Meeting is an online meeting platform.	Platform query
software	RAGFlow	RAGflow is an open-source Retrieval-Augmented Generation (RAG) engine.	Platform query
software	Cisco Catalyst SD-WAN Manager	This is a Cisco Catalyst SD-WAN Manager server.	Platform query
software	Nagios Log Server	This is a Nagios Log Server for centralized log management.	Platform query
software	Nagios NCPA	This is a Nagios Cross-Platform Agent (NCPA) web interface.	Platform query
software	Nagios Fusion	This is a Nagios Fusion monitoring dashboard.	Platform query
software	Nagios Network Analyzer	This is a Nagios Network Analyzer for netflow analysis and bandwidth monitoring.	Platform query
software	Raspberry Shake	Raspberry Shake is a low-cost, professional-grade personal seismograph that pairs with a Raspberry Pi computer to detect ground vibrations, including earthquakes, volcanic activity, and human-made noise.	Platform query
software	Remotely Admin Console	Remotely is an open-source, self-hosted remote control and management solution built with .NET 8, Blazor, and SignalR, designed as a TeamViewer alternative.	Check this one again on Monday
software	Neo4j Graph Database	Neo4j is a graph database management system detected via HTTP API JSON response.	Platform query