Platform Integrations

You can incorporate Censys Platform data and functionality with the integrations listed below.

Enterprise customers leveraging Censys Legacy Search APIs can continue to utilize previously developed Legacy Search integrations until September 2026.

A list of Attack Surface Management integrations is available here.

Additionally, the Censys Platform offers REST APIs that allow you to develop integration workflows for nearly any security platform.

Censys-owned integrations

The following integrations are maintained by the Censys team.

Integration	Description
Collection webhooks	Collection webhooks provide you with the ability to receive trigger-based updates when new assets are added to or removed from your collection. Webhooks deliver Censys data to various applications, enabling you to monitor events and take action as needed.
Coming soon: Censys for Splunk SOAR	The Censys for Splunk SOAR integration adds investigative actions that leverage Censys Platform data to Splunk. You can use these actions in playbooks or run them when examining events to enrich your incident response workflows.
Coming soon: Censys for Splunk Platform	This app implements investigative actions to get IP, domain and certificate data into Splunk from the Censys Platform.
Coming soon: Censys for ServiceNow	When integrated with ServiceNow SIR & TISC, any IP, domain or x.509 certificate hash that appears in a security incident can be enriched with Censys data. This data includes but is not limited to location, ASNs, open ports, DNS data, identified threats, and vulnerabilities.
Coming soon: Censys for Microsoft Sentinel	Leverage playbooks to enrich alerts and incidents with Censys internet data. Users can lookup known information about IPs, domains, certificate SHAs in Censys.

Vendor-developed integrations

Vendor-developed integrations are developed by our technology partners and are not maintained by the Censys team.

Integration	Description
ThreatQuotient Censys Operation and Censys Action	ThreatQuotient has two Censys Platform integrations. Censys Operation enriches ThreatQ system objects with context obtained from the Censys Platform API. Censys Action enriches ThreatQ indicators with context obtained from the Censys API that can be used to proactively protect an organization against advanced threat actors.
The Vertex Project Censys-Synapse	The Vertex Project's Censys-Synapse tool adds new Storm commands to allow you to query the Censys API using your existing API key.
ThreatConnect Censys Playbook App	Use this Playbook App to retrieve multiple types of enrichment information for IOCs. Additionally, you can build custom Censys searches to retrieve result sets based on factors such as software versions being run, services running, open ports, and more. You can also use it to monitor your own potentially open and vulnerable infrastructure, among numerous other possible use cases.

Integration

Description

ThreatQuotient Censys Operation and Censys Action

ThreatQuotient has two Censys Platform integrations.

Censys Operation enriches ThreatQ system objects with context obtained from the Censys Platform API.
Censys Action enriches ThreatQ indicators with context obtained from the Censys API that can be used to proactively protect an organization against advanced threat actors.

The Vertex Project Censys-Synapse

The Vertex Project's Censys-Synapse tool adds new Storm commands to allow you to query the Censys API using your existing API key.

ThreatConnect Censys Playbook App

Use this Playbook App to retrieve multiple types of enrichment information for IOCs. Additionally, you can build custom Censys searches to retrieve result sets based on factors such as software versions being run, services running, open ports, and more. You can also use it to monitor your own potentially open and vulnerable infrastructure, among numerous other possible use cases.