How to Seed Attack Surface Management
A seed, in the context of Attack Surface Management, is a known public-facing asset that serves as a starting point for discovering and mapping your organization's entire digital footprint across the internet. By providing these initial seeds, you enable the tool to systematically identify and analyze all connected assets, helping you accurately define and secure your public-facing network.
Want to use Attack Surface Management to find your seeds? Click Use Censys to Find Seeds in Attack Surface Management for more information.
Assets You Can Add as Seeds
These assets make great seeds. Not all of the options listed below are necessary or even applicable to your organization, so they are listed from most to least common.
-
Domains: Domain names identify DNS administrative zones, are registered with a registrar, and often have name servers or mail servers associated with them.
Example: censys.io
-
Other names: Other DNS names identify services (for example, me.censys.io) and map to 1 or more IP addresses where the services are running. These can be added as a "Domain" type.
Example: app.censys.io
-
IP addresses: IP addresses are numerical labels assigned to a device or service connected to the Internet to identify and reach it.
Example: 8.8.8.8
-
CIDR Blocks: A CIDR (Classless Inter-Domain Routing) is a range of sequential IP addresses (in CIDR notation) assigned to an organization for their use.
Example: 8.8.8.0/24
-
ASNs: An autonomous system number is a numerical identifier of a connected group of 1 or more blocks of IP addresses that are assigned to an organization.
Example: 123
Add Seeds in Attack Surface Management
-
On the Dashboard panel, click on your username icon in the upper right and click Add Seeds.
-
Enter your assets in the text box, or upload a CSV or text file. The CSV or text files need to be under 5 megabytes in size.
-
The structure of a CSV file that is to be uploaded looks like this:
-
-
Click Next Step.
-
Resolve any issues and verify the accuracy of your assets in each section. Click Submit.
-
You will receive an email when your attack surface is inventoried and ready for you to view.
Add Seeds via API
You can add seeds with our REST API with this call:
POST ++https://app.censys.io/api/v1/seeds
Example Request Body
{ "seeds": [ { "type": "ASN", "value": 0, "label": "emeahq" }, { "type": "IP_ADDRESS", "value": "1.1.1.1", "label": "dns" }, { "type": "DOMAIN_NAME", "value": "example.com", "label": "main" }, { "type": "CIDR", "value": "127.0.0.0/16", "label": "internal" } ] }
To see more seed management methods, visit our API documentation.
View Seed Data
To view your organization’s seed data, on the Inventory menu, click Seed Data.
The Seed Data page opens.
The 2 areas at the top of the page show the total number of assets:
-
provided to Attack Surface Management through seeds on the left.
-
discovered by Attack Surface Management with links to those lists on the right.
The table at the bottom of the page displays a comprehensive list of all seed data that has been input into the platform. Each entry in the table provides detailed information, including:
- Asset Type: The category or classification of the seed data.
- Value: The specific numerical or textual value associated with the seed data.
- Source: The particular interface or method used to add the seed data to the platform.
- Label: An optional descriptive label or tag assigned to the seed data for easier identification and categorization.
If you think you're missing some seeds, you can use Censys Attack Surface Management to find them!