Platform Integrations
You can incorporate Censys Platform data and functionality with the integrations listed below.
Enterprise customers leveraging Censys Legacy Search APIs can continue to utilize previously developed Legacy Search integrations until September 2026.
A list of Attack Surface Management integrations is available here.
Additionally, the Censys Platform offers REST APIs that allow you to develop integration workflows for nearly any security platform.
Censys-owned integrations
The following integrations are maintained by the Censys team.
| Integration | Description |
|---|---|
| Collection webhooks | Collection webhooks provide you with the ability to receive trigger-based updates when new assets are added to or removed from your collection. Webhooks deliver Censys data to various applications, enabling you to monitor events and take action as needed. |
| Coming soon: Censys for Splunk SOAR | The Censys for Splunk SOAR integration adds investigative actions that leverage Censys Platform data to Splunk. You can use these actions in playbooks or run them when examining events to enrich your incident response workflows. |
| Coming soon: Censys for Splunk Platform | This app implements investigative actions to get IP, domain, and certificate data into Splunk from the Censys Platform. |
| Coming soon: Censys for Microsoft Sentinel | Leverage playbooks to enrich alerts and incidents with Censys internet data. Users can lookup known information about IPs, domains, certificate SHAs in Censys. |
Vendor-developed integrations
Vendor-developed integrations are developed by our technology partners and are not maintained by the Censys team.
Integration | Description |
|---|---|
CyWare Censys v3 | The Censys v3 app helps security teams gain visibility into internet-exposed assets using trusted global scan data. It provides structured insights into hosts, certificates, and web properties to support exposure management and threat investigation. |
OpenCTI Censys Enrichment | The Censys Enrichment connector allows OpenCTI to enrich observables (such as domains, IP addresses, and certificates) using data from the Censys search and intelligence platform. It retrieves detailed information on hosts, certificates, services, and organizations to enhance context and visibility within investigations. Learn more in the documentation. |
Palo Alto Cortex XSOAR and XSIAM | The Censys Platform integration with Cortex XSOAR and XSIAM adds the ability to retrieve Censys data for IPs, domains, and certificates. You can also use the integration to search across Censys data. Reference the documentation for more information. |
The Vertex Project Censys-Synapse | The Vertex Project's Censys-Synapse tool adds new Storm commands to allow you to query the Censys API using your existing API key. |
ThreatConnect Censys Playbook App | Use this Playbook App to retrieve multiple types of enrichment information for IOCs. Additionally, you can build custom Censys searches to retrieve result sets based on factors such as software versions being run, services running, open ports, and more. You can also use it to monitor your own potentially open and vulnerable infrastructure, among numerous other possible use cases. |
ThreatQuotient Censys Operation and Censys Action | ThreatQuotient has two Censys Platform integrations.
A video walk through of ThreatQuotient's integrations with Censys is available here. |
Updated about 3 hours ago