Feature and Data Access Tiers
Censys offers tiered data and feature access solutions for a wide range of users, from hobbyists to enterprise security teams. All users have a Free account that offers basic internet visibility, access to basic protocols and certificates, and limited web property data such as root endpoints.
To access more detailed data that provides deeper insights, you must upgrade to a higher tier account. Each tier builds upon comprehensive internet scanning data, offering progressively deeper scan results and context about assets and their importance to security workflows.
Censys offers three main tiers: Free, Starter, and Enterprise. A Core sub-tier of the Enterprise tier is also available. These tiers are often referred to as plans or levels.
Any Free user may upgrade their account to the Starter tier by purchasing Censys Credits. To gain access to Enterprise-level data and features, contact the Censys sales team.
Additional modules and add-ons, like the Threat Hunting module and the industrial control system (ICS) protocol license, are available to Enterprise customers to address specific use cases. These are sometimes referred to as entitlements.
If you encounter data with a lock icon next to it, you must upgrade or switch to an upgraded account to access it. Upgrading your account unlocks this data and provides enhanced security insights. You can see a list of data that is available and unavailable to you on the Data Definitions page in the Platform console.
You may also see the following image or a similar one when attempting to access a feature that is unavailable to your tier.
Overview
The following tables explain which data and features are available to each Platform tier.
Data access
| Data feature | Free | Starter | Enterprise Core | Enterprise |
|---|---|---|---|---|
| Basic protocols and data (HTTP, RDP, SSH, telnet, and so on - 41 protocols total) | Yes | Yes | Yes | Yes |
| Basic context data (software product and vendor information, and so on) | Yes | Yes | Yes | Yes |
| Labels | Yes | Yes | Yes | Yes |
| Host DNS and WHOIS information | Yes | Yes | Yes | Yes |
| Additional protocols and protocol data (MQTT, IPP, and so on - over 140 protocols) | No | Yes | Yes | Yes |
| Additional context data (software and hardware and component CPE values, version data, life cycle information, and so on) | No | No | Yes | Yes |
| Host history | No | 1 week | 1 month | 1 month+ |
| Basic certificate data | Yes | Yes | Yes | Yes |
| Additional certificate data (extensions, chains, ZLint data, and so on) | No | Yes | Yes | Yes |
| Host and web property CVE and risk data (CVE IDs, KEV presence, and so on) | No | No | No | Yes |
Root (/) endpoint data | Yes | Yes | Yes | Yes |
Non-root (such as /account/login, /admin/login.html, and so on) endpoint data | No | Yes | Yes | Yes |
| Deep application scan data for Cobalt Strike, Kubernetes, Elasticsearch, and so on | No | No | Yes | Yes |
| Threat data | No | No | No | Yes - with Threat Hunting module |
| Open directory data and threats | No | No | No | Yes - with Threat Hunting module |
| Context hashes (JARM, JA4X, JA3S, and so on) | No | No | No | Yes - with Threat Hunting module |
| ICS protocols and screenshots | No | No | Yes - with ICS protocols license | Yes - with ICS protocols license |
Features
| Feature | Free | Starter | Enterprise Core | Enterprise |
|---|---|---|---|---|
| API access, including SDKs | No | Yes | Yes | Yes |
| Single sign-on (SSO) | No | No | Yes | Yes |
| Additional organization users | No | No | Yes | Yes |
| Regular expression in query syntax | No | Yes | Yes | Yes |
| Censys Query Assistant | Yes | Yes | Yes | Yes |
| Matched fields for search results | No | Yes | Yes | Yes |
| Download search results in CSV format | No | No | Yes | Yes |
| Pages of search results (100 per page) | 1 | 5 | Unlimited | Unlimited |
| Maximum concurrent actions | 1 | 1 | 10 | 10+ |
| Collections | 0 | 2 | 10+ | 15+ |
| Webhooks | No | Yes | Yes | Yes |
| Live Rescan | No | No | Yes | Yes |
| Live Discovery | No | No | No | Yes - with Threat Hunting module |
| Explore Threats page | No | No | No | Yes - with Threat Hunting module |
| Investigation Manager | No | No | No | Yes - with Threat Hunting module |
| CensEye automated pivoting tool | No | No | No | Yes - with Threat Hunting module |
| Certificate history timeline | No | No | No | Yes - with Threat Hunting module |
| Web screenshots | No | No | Yes | Yes |
| MCP Server | No | Yes | Yes | Yes |
Tier information
Free
The Free tier is designed for preliminary security investigations and is useful for testing Platform functionality. Users can search and view basic protocols and services, but some protocols and their attendant data are excluded.
Basic host, web property, and certificate information is searchable and viewable for free users. To search for additional certificate fields and view historical host data, you must upgrade to a paid tier. Free tiers are limited to 1 page of 100 results.
Starter
If you purchase credits through the Censys website, your account is upgraded to the Starter tier, granting you API access, additional internet visibility and actionable insights.
Starter tier accounts are limited to a maximum of 500 results per search query, with 100 results shown per page.
Core and Enterprise
Enterprise-level access includes two tiers: Core and Enterprise. Both of these tiers include all of the features of the Starter tier.
Vulnerability data is not available to the Core tier, but is available to the Enterprise tier.
Both tiers offer full protocol data access and advanced internet visibility provided by deep application scanners. This allows you to search and view protocols, services, web applications, and view 1 month of host history, excluding industrial control system (ICS) protocols. Enterprise search results include all CPE-based fields and provide access to unlimited paginated results.
Threat-specific data is available in the Threat Hunting module, which may be purchased by Enterprise customers.
Enterprise customers may purchase access to ICS protocol data separately.
Updated about 6 hours ago