May 18, 2026
2 days ago
Summary
- Use the new Google SecOps SOAR and Palo Alto Cortex XSOAR/XSIAM Platform integrations to bring Censys internet intelligence into your SOC workflows.
- Added several new fingerprints to the Platform and one new risk fingerprint for vulnerable Exim Server [CVE-2026-45185] to ASM.
Platform
- Use the new Google SecOps SOAR and Palo Alto Cortex XSOAR/XSIAM Platform integrations to bring Censys internet intelligence into your SOC workflows.
- Each of these integrations features actions that you can use to manually or automatically enrich IPs, domains, and certificates with Censys data.
- You can also retrieve host history, execute rescans, and initiate CensEye automated pivoting jobs directly from the integration.
New fingerprints and risks
Added the following fingerprints and risk.
Note that new ASM risk fingerprints may be disabled by default in your workspace. Reference your risk type configuration in the ASM web console to review new risk types.
New fingerprints
| Name | Description | Query |
|---|---|---|
| enteliWEB | Web-based building automation and energy management platform by Delta Controls for monitoring and controlling HVAC and BAS systems. | Platform query |
| eBMgr | Delta Controls' eBMgr is an enterprise building management server that centralizes control of multiple BACnet-based building automation networks. | Platform query |
| enteliTOUCH | Touchscreen operator display by Delta Controls for local interaction with building automation controllers. | Platform query |
| ELNet MC Building Automation Controller | ELNet MC is a building automation controller used for energy monitoring and management in commercial facilities. | Platform query |
| FastAPI | FastAPI is a modern, high-performance Python web framework for building APIs with automatic OpenAPI documentation. | Platform query |
| FortiAnalyzer | FortiAnalyzer is Fortinet's centralized logging, analysis, and reporting platform for network security events. | Platform query |
| FortiGate | FortiGate is Fortinet's flagship next-generation firewall and unified threat management appliance. | Platform query |
| Glances | Glances is an open-source cross-platform system monitoring tool with a web interface for real-time resource visibility. | Platform query |
| GLPI | GLPI is an open-source IT asset management and helpdesk system used for inventory tracking and service management. | Platform query |
| Versatile Routing Platform | Huawei's Versatile Routing Platform (VRP) is the underlying operating system powering Huawei routers and switches. | Platform query |
| HG8045H | The HG8045H is a Huawei GPON optical network terminal (ONT) commonly deployed in residential fiber-to-the-home installations. | Platform query |
| FusionAccess | FusionAccess is Huawei's virtual desktop infrastructure (VDI) solution for delivering cloud-hosted desktop environments. | Platform query |
| Fireware | Fireware is the operating system running on WatchGuard Firebox network security appliances. | Platform query |
| Fireware XTM | Fireware XTM is the legacy WatchGuard security appliance OS for the Extensible Threat Management (XTM) product line. | Platform query |
| IP Camera | AVTECH IP cameras are network-connected surveillance cameras with a web management interface, historically associated with multiple critical vulnerabilities. | Platform query |
| Blue Iris | Blue Iris is a Windows-based video surveillance software platform for managing IP cameras and recording streams. | Platform query |
| Browserless | Browserless is a headless Chrome-as-a-service platform that enables remote browser automation via a web API. | Platform query |
| Cacti | Cacti is an open-source network monitoring and graphing tool built on RRDTool for polling and visualizing performance metrics. | Platform query |
| PlantVisor | PlantVisor is CAREL's HVAC/R supervisory software for monitoring and managing refrigeration and climate control systems. | Platform query |
| pCOWeb | pCOWeb is CAREL's Ethernet gateway card that provides web-based remote access to pCO HVAC controllers. | Platform query |
| CrushFTP Web Interface | CrushFTP's web interface provides browser-based access to its enterprise file transfer server for managing files and users. | Platform query |
| Darkstat | Darkstat is a lightweight network traffic analyzer that captures packets and exposes usage statistics via a built-in web interface. | Platform query |
New risks
Name | Description | Query |
|---|---|---|
Vulnerable Exim Server [CVE-2026-45185] | This Exim mail server is running version 4.97 through 4.99.2, which is affected by CVE-2026-45185, an unauthenticated remote code execution vulnerability in the BDAT (CHUNKING) body parsing path. | |