Data Access Tiers and Entitlements
Introduction
Censys offers tiered data access solutions for a wide range of users, from hobbyists to enterprise security teams. All customers begin with a Free account which offers basic internet visibility, access to basic protocols & certificates, and limited web property data such as root endpoints.
This provides Censys users with a starting point to explore the internet landscape. To access more advanced data that provides deeper insights, you must upgrade to a higher-tiered account. Each tier builds upon comprehensive internet scanning data, offering progressively deeper insights into hosts, services, certificates, and potential security risks.
The upgrade path can be starter or involve additional data offerings, depending on your needs and use cases. Censys offers Free, Starter, and Enterprise tiers, as well as additional Solutions and Datasets to address specific use cases. Each tier unlocks additional capabilities while maintaining strict data quality and accuracy that security professionals rely on for critical decisions.
If you encounter data with a lock icon, you must upgrade to access that data. If you see a 🔒 lock icon next to a dataset, it means that you must upgrade to view the data. Upgrading your account unlocks this data and provides enhanced security insights.
Censys tiers
The sections below provide a brief overview of the data visibility for Censys tiers.
Free
The Free tier is designed for preliminary security investigations. Users can search and view basic protocols and services, but ICS protocols are excluded. For example, you can search for host.services.ftp.banner to view specific details about a banner message provided by the service. If you want to search for advanced protocols like MSMQ and view its data, you must upgrade to a paid account.
Basic certificate information is searchable and viewable for free users. To search for advanced certificate fields and view historical data, you must upgrade to a paid tier. Free tiers are limited to 1 page of results.
The Free tier allows users to search and view basic web properties like root endpoints. To access the following assets, you must upgrade:
- Endpoint resources, non-root endpoints (Starter)
- Threat actor endpoints (Enterprise)
- Deep application scanners (Enterprise)
- Cobalt strike, for red teams to test an org's vulnerabilities (Enterprise)
Free tier doesn’t provide access to the Censys API.
Starter
If you purchase credits through the Censys website, your account is upgraded to the Starter tier, granting comprehensive internet visibility and actionable insights. You can search and view basic & advanced protocols and services that unlock deeper data and view 1 week of host history, excluding ICS protocols. Raw data can be viewed and downloaded.
The Starter tier allows users to search and view all certificate data, including certificates expired for more than 30 days. Web property data such as complete endpoints are searchable and viewable, providing insights into devices, services, and systems exposed on the internet.
To access the following assets, you must upgrade:
- Threat actor endpoints (Enterprise)
- Deep application scanners (Enterprise)
- Cobalt strike, for red teams to test an org's vulnerabilities (Enterprise)
The Starter tier provides access to the Censys API.
Enterprise
The Enterprise tier offers full protocol data access and advanced internet visibility provided by deep application scanners. This allows you to search and view protocols, services, web applications, and view 6 months of host history, excluding ICS protocols. Enterprise search results include all CPE-Based fields and provide access to unlimited paginated results. Raw & JSON data can be viewed and downloaded.
Cobalt Strike is available for security researchers, providing insights into publicly exposed C2 infrastructure and potential threat activity. Critical Infrastructure Data is not available for the Enterprise tier.
The Enterprise tier provides access to the Censys API.
Updated 3 days ago