Quick Start Guide
This guide is designed for users new to Censys Attack Surface Management (ASM). Whether you're setting up ASM for the first time or managing an established deployment, this guide will help you navigate ASM and understand its key features and concepts. Links are provided in each section to direct you to additional documentation.
Introduction
Censys Attack Surface Management (ASM) gives you control over your organization’s external attack surface. By providing comprehensive visibility into your Internet-facing assets, ASM automatically discovers and monitors them, identifying risks such as misconfigurations, vulnerabilities, and exposures. It enables you to take proactive steps to remediate threats before they can be exploited, helping your security teams stay one step ahead.
An organization's attack surface consists of all its external-facing assets, which adversaries may target to exploit vulnerabilities and misconfigurations. The complexity of an organization’s attack surface can grow quickly and in unexpected ways, often due to new business activities, acquisitions, or technological changes.
For example:
- A bank sets up a new customer-facing login page.
- An advertising firm acquires a new subsidiary and all its online assets.
- A SaaS company adds a new cloud service provider for managing data and assets.
These changes can introduce new risks, such as outdated security protocols, unknown resources, or misconfigured cloud services. Censys ASM provides real-time intelligence to detect these risks, helping you protect your organization by remediating potential vulnerabilities before they can be exploited.
Access the ASM web console
To begin using Censys ASM, log in to the web console at app.censys.io.
Navigate the Dashboard
The Overview Dashboard provides a comprehensive view of your external attack surface. It displays real-time alerts about security issues that could jeopardize your organization’s security posture. From this dashboard, you can quickly assess risks and prioritize remediation actions.
The Trends & Benchmarks Dashboard tracks the size of your attack surface, the number of risks, and the average duration of exposure to those risks. These metrics, along with their supporting segments, are monitored over time to identify changes, allowing you to measure progress in improving attack surface hygiene, minimizing risky exposures, and addressing critical vulnerabilities.
Build your attack surface inventory
Censys ASM builds the most complete and accurate picture of your attack surface, leveraging its state-of-the-art attribution engine and industry-leading internet scanning. With near real-time visibility into all internet-facing assets, ASM provides security teams assurance that they have their full attack surface under control, whether that asset is present in the cloud or on-premise.
If you are starting with ASM, you may need to add (glossary: asset) assets to your attack surface inventory by adding seeds.
Add and manage seeds
A seed is a known, public-facing Internet asset (e.g., domain, autonomous system number, or IP address) that serves as a starting point for discovering and mapping your entire digital footprint. Seeds allow Censys to systematically identify and analyze all connected assets within your organization’s public-facing network.
You can use Censys to discover seeds or manually add them in the web console or via API.
ASM Enterprise users can enable an automatic refresh of all of their seed-related data every night.
Cloud Connectors
Cloud Connectors integrate with cloud providers like AWS, GCP, and Azure to give real-time visibility into cloud assets. They continuously import data from services like storage buckets, virtual instances, and databases, helping security teams monitor for vulnerabilities and manage risks. This ongoing monitoring ensures up-to-date information, making it easier to spot unsanctioned cloud usage and maintain security.
Asset Inventory
Once you've added your seeds, Censys will begin discovering the assets connected to your organization. These assets are continuously monitored for security risks, misconfigurations, and vulnerabilities.
Query and alert automation
ASM allows you to build, save, and automate queries to continuously monitor your assets. Queries allow you to filter and analyze your assets based on specific criteria, enabling you to focus on the most critical security issues affecting your organization.
Identify risks
ASM continuously assesses your attack surface for potential risks. These risks include vulnerabilities, misconfigurations, exposed services, and other issues that could leave your organization open to attack.
Shrink your attack surface
Once you’ve identified risks and vulnerabilities, you can take steps to shrink your attack surface by removing unnecessary assets or reconfiguring exposed services. Censys provides detailed insights and intelligence to help you reduce your organization’s exposure to cyber threats.
Integrations
ASM Integrations make security operations easier with fast, seamless integrations that improve efficiency and visibility. They also serve as a way to remediate, connecting Censys ASM with popular tools for alerting, IT service management, SIEM, and vulnerability management, saving you time and filling data gaps.
API
Automate, integrate and customize ASM data into your existing processes using the Censys ASM API.
Next Steps
After completing the initial setup or onboarding, continue exploring the following topics to deepen your understanding of Censys ASM:
Updated 9 days ago