1. Censys
  2. Censys Attack Surface Management
  3. Getting Started

Other Articles In This Section

In this article:

Configure Risks with Censys

  • Updated

One of the primary objectives of the Censys ASM Platform is to shrink your organization’s attackable surface area, so Censys proactively flags risks in order to draw your attention to vulnerable places.

Start by tuning risk default settings to fit your organization’s needs. Then, investigate and remediate risks in your network to improve your security posture.

Configure All Risks

As Censys maps and monitors your attack surface, it detects more than 250 different risk types.

You can set each type’s default severity to fit your security policies and investigative priorities, or disable a risk type if you do not want the platform to detect any instances of it.

Configure settings for all of the risk types that Censys identifies by clicking the Configure Risks button in top right corner of the Risks page. Here you can view all risks that Censys detects.

Configure_Risks_-_Start_Configuring.gif
Figure 1. Click the configure button to go to the risk configuration page

Search, Sort, and Filter Your Risk for Easy Editing

As you're refining your risk configurations, you can search, sort, and filter the risks based on when the risk was added to Censys' list of detections, Severity, Status, Category, Asset Type, and Edited Status.  You can also sort risks by their prevalence in your attacks surface. 

Configure_Risks_-_Filter_Your_Risks.gif

Figure 2. Filter risks or search to find specific risks more quickly

Configure_Risks_-_Filter_and_Sort.gif

Figure 3. Click the "View Only Edited Risks" toggle to refine the list to previously edited risks. Sort the columns to bring important rows to the top of your view. 

Change Risk Severities to Match Your Organization's Risk Tolerance

Select from the list to see details and remediation recommendations and to change the default severity of the risk type or disable the risk type entirely.

Configure_Risk_-_Configure_a_Risk.gif
Figure 4. Configure risk severity

The Censys-recommended severity for each risk type is noted with the Recommended text. The Severity Selection menu allows you to choose the severity classification that fits your organization’s policies. From highest to lowest, the options include:

  • Critical — Indicates a severe risk which may result in compromise of the affected system or interruption of business objectives. Critical risks should be remediated as soon as possible.

  • High — Indicates a risk which may result in remote code execution or sensitive information disclosure. High risks should be prioritized when creating a risk remediation roadmap.

  • Medium — Indicates a risk which may be exploited in combination with other vulnerabilities to perform an attack. Treat medium risks as standard priority on a risk roadmap.

  • Low — Indicates a vulnerability which may provide an attacker with some information about or access to the affected system. Deal with low risks at the lowest priority.

The default severity set for a type will be assigned to any instance of that risk type found on any of your assets.

Next Steps

After you have configured your risk settings, head to the risks page of the app to start investigating.

Further Reading on Risks

See this reference article for a description of the risk categories that the Censys ASM platform detects.

Related articles

Comments

0 comments

Article is closed for comments.