 |
This solution helps security teams hunt faster, accelerate investigations and eliminate threats before they attack
ANN ARBOR, Mich., April 28, 2025 /PRNewswire/ — Today, Censys, known for its best-in-class Internet visibility, is launching a new solution specifically designed to enable threat hunting teams to track adversary infrastructure. The Censys’ Threat Hunting solution is part of Censys’ recently released Internet Intelligence platform, which provides security teams across the enterprise with the Internet visibility that they need to protect themselves from today’s adversaries. While Censys has been a long time favorite for threat hunting teams, the new Threat Hunting solution is a purpose-built module that empowers security teams to shift from reacting to alerts and compromises to proactively uncovering and mitigating threats before they can cause harm.
“Threats Explore” page in Censys Threat Hunting Module
The new Censys Threat Hunting module directly integrates into existing security operations products, enhancing detection pipelines and enabling security teams to be more proactive in their threat hunting. It automatically turns Censys Internet Map data into structured, actionable insights that can be used by security teams to identify malicious infrastructure used by adversaries to target their organization. With the new solution, security teams will be able to accelerate threat detection & investigations and seamlessly pivot from findings to proactively hunt for new and emerging malicious infrastructure.
“One of the biggest pain points for us threat hunters is the inability to acquire timely and relevant data that enables them to proactively defend against targeted threats”, said Silas Cutler, Principal Security Researcher at Censys, who has helped architect the new solution. “The new Censys Threat Hunting module solves that challenge by delivering real-time visibility to existing malicious infrastructure and the ability to find, pivot, and track known and emerging threats targeting their organization anywhere on the Internet.”
The platform eliminates data overload and provides threat hunters with a central place to view all threat hunting data, including a list of all the known threats and a heat map of where those threats live. In addition, the Censys Threat Hunting Module features:
- Censys Threats Dataset: This dataset includes detections for red team tools, fingerprints and detections for malware operations. It also offers extended context on threats, such as descriptions, alternative names, actors, and reference links
- CensEye: Allows threat hunters to identify and correlate malicious infrastructure by detecting hosts and web properties with similar characteristics. This capability allows analysts to uncover adversarial assets and track evolving threats faster and with better precision
- Live Discovery and Scanning: Security teams now gain real-time threat detection and validation of on-demand scanning capabilities. Live scans expose previously unknown configurations, while rescans systematically analyze existing services and endpoints to confirm potential threats and track configuration drift
- Exploration Dashboards: The platform gives users interactive dashboards that offer visibility into threat frameworks, which allows security teams to explore data and trends, uncover anomalies and begin investigations effectively
- Certificate & Host History Visualization: By exploring historical relationships between hosts and certificates, hunters can build weaponization timelines, uncover tactics, techniques, and procedures (TTPs), and view historical attributes to leverage in detections.
- Advanced Pivoting and Contextual Hashes- threat hunters can quickly expand their related indicators by using helpful configuration-based hashes such as JARM, JA3, JA4+, and favicon hashes to build a comprehensive view of related infrastructure.
The new Censys Threat Hunting Module gives organizations unprecedented visibility, context, and historical insights to every Internet facing asset, including known and emerging adversarial infrastructure,” said Brad Brooks, CEO of Censys. “With the new module, enterprise security teams and government agencies can proactively hunt for sophisticated threats targeting their organization using the Industry’s most accurate and comprehensive Internet Intelligence data set.
To learn more, stop by Censys’ booth in Moscone North #4600, at RSAC or visit: censys.com/blog/speeding-up-threat-hunting-with-censys
About Censys
Censys’ mission is to be the one place to understand everything on the internet. Frustrated by the lack of trustworthy Internet intelligence, we set out to create the industry’s most comprehensive, accurate, and up-to-date map of the Internet. Today, Censys delivers real-time Internet intelligence and actionable threat insights to global governments, over 50% of the Fortune 500, and leading threat intelligence providers worldwide. Learn more at Censys.com.