Risk Categories

Censys Attack Surface Management (ASM) identifies over 400 risks that can be associated with your Inventory assets. The list of all risk types is available in the app.

Risk information appears on the Risks page, on the Hosts page, on the Host Details pages, and in the logbook and asset APIs.

Risk categories help you understand risks at a glance. A risk can belong to more than one category. For example, Compliance Risks are typically exposed services or devices that place you out of compliance with internal or external frameworks. However, the same risk could also fall under other categories, such as Device Exposure and Service Misconfiguration.

Misconfiguration

A misconfiguration is an incorrect or suboptimal configuration of an information system or system component.

  • Service Misconfiguration is an incorrect or suboptimal configuration of a service component that provides functionality in larger processes. Service misconfigurations include:
    • Weak Authentication
    • Lack of Encryption
    • TLS Cryptographic Weakness
    • SSH Cryptographic Weakness
    • Invalid TLS Certificate
    • Mail Service Misconfiguration
    • Web Misconfiguration
    • Non-Standard Service Configuration
  • Cloud Misconfiguration is an incorrect or suboptimal configuration of a cloud component that provides functionality in larger processes. Cloud misconfigurations include:
    • Logging Misconfiguration
    • Authentication Misconfiguration
    • Firewall Misconfiguration
    • Credential Exposure
  • Name Infrastructure Misconfiguration is an incorrect or suboptimal use of the Domain Name System. Name infrastructure misconfigurations include:
    • Domain Registration Misconfiguration
    • DNS Record Misconfiguration

Exposure

An exposure is a situation where sensitive information, devices, or services are exposed to the Internet.

  • Information Leakage is a type of exposure where sensitive information is exposed to the Internet.
  • Device Exposure is a type of exposure in which a physical device is exposed to the Internet.
  • Service or Interface Exposure is when a sensitive service or interface is exposed to the Internet. Service exposures include:
    • Cloud Exposure
    • Dev Tool Exposure
    • Security Tool Exposure
    • Remote Access Service Exposure
    • IT Admin System Portal Exposure
    • Deprecated and Plaintext Protocol Exposure
    • Internal Network Protocol Exposure
    • Protocols With No Business Use
    • Database Engine Exposure
    • File Transfer Protocol Exposure
    • File System Exposure
    • DDoS Amplification Exposure

Vulnerability

A vulnerability is a weakness in an information system, system security procedure, internal control, or implementation that can be exploited or triggered by a threat source.

  • Software Vulnerability is a weakness specific to a software product that can be exploited or triggered by a threat source. Software vulnerabilities include:
    • Denial-of-Service Vulnerability
    • Remote Code Execution Vulnerability
    • Privilege Escalation Vulnerability
    • Cryptographic Vulnerability
    • Outdated Software Vulnerability
    • EOL Software Vulnerability
    • Common Vulnerabilities and Exposures (CVE)
  • Web Application Security Vulnerability is a vulnerability in web servers, web applications, or web services. Web application vulnerabilities include:
    • Cross-site scripting (XSS) vulnerability
    • Cross-site request forgery (CSRF) vulnerability
    • SQL Injection vulnerability
    • Server-side request forgery (SSRF) vulnerability

Compromise

Compromise is the disclosure of information to unauthorized persons or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object occurs.

  • Evidence of Compromise is a category of compromise for which there is traceable evidence.
