Censys-Identified Risks (Reference)
Censys identifies over 400 risks in the Attack Surface Management platform. The list of all risk types is available in the app.
Risk information is displayed on the Risks page, on the Hosts List page, on Host Details pages, and in the logbook and asset APIs.
Risk Categories
Risk categories help you understand risks at a glance. A risk may belong to more than one category.
Misconfigurations
A misconfiguration is an incorrect or suboptimal configuration of an information system or system component.
- Service Misconfiguration – A service misconfiguration is an incorrect or suboptimal configuration of a service component that provides functionality in larger processes.
  Service misconfigurations include:
  - Weak Authentication
  - Lack of Encryption
  - TLS Cryptographic Weakness
  - SSH Cryptographic Weakness
  - Invalid TLS Certificate
  - Mail Service Misconfiguration
  - Web Misconfiguration
  - Non-Standard Service Configuration
- Cloud Misconfiguration – A cloud misconfiguration is an incorrect or suboptimal configuration of a cloud component that provides functionality in larger processes.
  Cloud misconfigurations include:
  - Logging Misconfiguration
  - Authentication Misconfiguration
  - Firewall Misconfiguration
  - Credential Exposure
- Name Infrastructure Misconfiguration – A name infrastructure misconfiguration is an incorrect or suboptimal use of the Domain Name System.
  Name infrastructure misconfigurations include:
  - Domain Registration Misconfiguration
  - DNS Record Misconfiguration
Exposures
An exposure is a situation where sensitive information, devices, or services are exposed to the Internet.
- Information Leakage – Information leakage is a type of exposure where sensitive information is unintentionally exposed to the Internet.
- Device Exposure – An exposed device is a type of exposure in which a physical device is exposed to the Internet.
- Service or Interface Exposure – A service or interface exposure is one in which a sensitive service or interface is exposed to the Internet.
  Service exposures include:
  - Cloud Exposure
  - Dev Tool Exposure
  - Security Tool Exposure
  - Remote Access Service Exposure
  - IT Admin System Portal Exposure
  - Deprecated and Plaintext Protocol Exposure
  - Internal Network Protocol Exposure
  - Protocols With No Business Use
  - Database Engine Exposure
  - File Transfer Protocol Exposure
  - File System Exposure
  - DDoS Amplification Exposure
Vulnerabilities
A vulnerability is a weakness in an information system, system security procedure, internal control, or implementation that could be exploited or triggered by a threat source.
- Software Vulnerability – A software vulnerability is a weakness specific to a software product that could be exploited or triggered by a threat source.
  Software vulnerabilities include:
  - Denial-of-Service Vulnerability
  - Remote Code Execution Vulnerability
  - Privilege Escalation Vulnerability
  - Cryptographic Vulnerability
  - Outdated Software Vulnerability
  - EOL Software Vulnerability
  - Common Vulnerabilities and Exposures (CVE)
- Web Application Security Vulnerability – Web application security vulnerabilities are related to vulnerabilities in web servers, web applications, and web services.
  Web application vulnerabilities include:
  - Cross-site scripting (XSS) vulnerability
  - Cross-site request forgery (CSRF) vulnerability
  - SQL Injection vulnerability
  - Server-side request forgery (SSRF) vulnerability
Compromise
Compromise is the disclosure of information to unauthorized persons, or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object occurs.
- Evidence of Compromise – Evidence of compromise is a category of compromise for which there is traceable evidence.
More on Risks
Learn how to customize the settings for risks and begin prioritizing in this guide.