1. Censys
  2. Censys Attack Surface Management
  3. Getting Started

Other Articles In This Section

In this article:

Tour the Attack Surface Dashboard

  • Updated

How do I use the dashboard?

The dashboard organizes information gathered from Censys to give you multiple views of your attack surface and alert you about security issues that could compromise your organization.

Dashboard
Figure 1. Dashboard

The default view of the dashboard is unfiltered, displaying all of the assets Censys has gathered information about.

In the unfiltered view, the bar chart shows a breakdown of assets by environment so you can understand at a glance whether the bulk of your Internet presence is located in the cloud, on shared infrastructure, or elsewhere.

assets-by-environment.png

Asset Counts

The first section beneath sums your organization’s total asset counts by type. Each card displays a total count of assets while the smaller number indicates how many new assets have been added to your attack surface in the time frame selected in the upper right of the dashboard.

asset counts unfiltered

  • IPs - A computer or service connected to the Internet that’s located at and identified by an IP address.

  • Domains - Names serving as a domain in the Domain Name System (DNS) with a format commonly known as an eTLD+1 (e.g., censys.io).

  • Subdomains - Subdomains are names that resolve to hosts that are part of your attack surface.

  • Storage Buckets - Containers provided by a cloud object storage service that are related by name or keyword to your organization.

  • Certificates - X.509 certificates related to your organization, found by querying public Certificate Transparency logs and when scanning the Internet.

  • Software - Software packages and versions that are detected during hosts scans.

The next section presents a list of top risks affecting your organization and a map of host locations.

Top risks and host location map

Top Risks

This card displays a preview of the most serious risks affecting your organization’s assets, filtered by severity and number of affected assets. The list changes based on the environment selected at the top of the Dashboard.

Host Location

The hosts map displays a count of hosts located within a country for all of your organization’s hosts whose location is known.

Hosts that appeared within the time frame selected in the upper right are flagged as new in the table, and their locations appear on the map in orange.

The next section breaks down hosts by their discovery source and shows metric trends regarding asset and risk counts.

known and trends

Known & Unknown Hosts

In the last section, Censys uses discovery source to classify hosts in your attack surface as known or unknown. Knowing whether a host was found from a provided asset such as a CIDR block or from a Cloud Connector allows you to engage with risks and administrative tasks from an ownership perspective.

Trends

The second panel displays trends taken from the Censys reporting feature including your organization’s total host and risk counts over time.

Filter the Dashboard by Environment

Use the three main filters on the dashboard to view the environments where your attack surface is located.

Cloud

Attack surface management in the Cloud is a high priority because of the proliferation of accounts, the accessibility of free-tier services, and how easy it is to misconfigure settings, so this filter shows applicable Dashboard panels populated with Cloud data.

Dashboard filtered by cloud

Censys includes the following CSPs in its definition of Cloud:

  • Amazon Aws

  • Google Cloud

  • Microsoft Azure

  • Alibaba Cloud

  • Soft Layer Technologies Inc.

  • Tencent Cloud

  • Digital Ocean Inc.

  • Hetzner Online

  • Verizon Communications Inc.

  • Oracle Cloud

  • Huawei Cloud Service

  • US Signal

  • Switch Communications Group LLC

  • Internap Corporation

  • Tier Point LLC

  • American Internet Services

  • Arvixe

  • Cologix Inc.

  • Confluence Networks Inc.

If a host, domain, subdomain, or storage bucket is found within these CSPs, they are considered Cloud assets.

Shared

The shared environment is comprised of shared web hosts and Content Delivery Network hosts.

Dashboard filtered to shared

Other

The remainder of your organization’s hosts, domains and subdomains are categorized as "Other."

Dashboard filtered to other

Where to Go From Here

This article introduced you to the Dashboard and the information it presents.

Read articles about the information Censys has on your organization’s hosts, domains, certificates and risks to learn how to leverage the rich data of the Censys platform and enhance your Internet security.

Related articles

Comments

0 comments

Article is closed for comments.