Software
Censys-Identified Software
The software list page displays all of the software that Censys detected during scans of your organization’s Internet-accessible hosts.
There are three sources for software pulled from scan results: a fingerprint (i.e., a Censys mapping to CPE-formatted software names), the HTTP x-powered-by field in an HTTP header, or the HTTP server header field in an HTTP field. This information is provided in a source field in our APIs and in the Source column on the Software list page.
|
Note
|
Censys only identifies end-of-life (EOL) versions for fingerprinted software. |
How do I use the Software list page?
Use the software page to search for software that needs updating or to identify vulnerabilities in your software.
In the table, you’ll see a catalog of all your hosts' software, indexed by name. Other columns in the default view of the table include:
-
Version - The version of the software reported by one or more of your hosts. The software name + version is what is tied to a vulnerability (known as a CVE-ID) from the Common Vulnerabilities and Exposures (CVE) dictionary. In accordance with the CPE format, an asterisk (
*) will appear in the column when the version is unknown.NoteThe same name may appear in the list more than once because the versions are different. -
Host Count - The number of your hosts that are reporting this software version.
-
CVE Count - The number of CVE-IDs associated with this software version.
-
Highest Severity Score - The severity score of the most critical CVE ID tied to the software. Severity scores range from 0-10. A higher score is more critical.
NoteWhen Censys uses the term severity score in relation to CVEs, it is referring to the National Vulnerabilities Database’s Common Vulnerabilities Scoring System (CVSS) Version 2, an industry standard. -
Tags - Any tags that have been applied to the software version.
Click on the linked software name or version to see a software detail page with additional information on the software version.
Column Selection
You can display additional columns with more information about your software by clicking the Columns button above the table.
Select or deselect the columns to create your desired view. You can also reorder columns by dragging and dropping the table header.
Additional column options include:
-
Part - A type enumeration. Values include:
-
Application
-
Hardware
-
Operating System
-
-
Vendor - The name of the organization providing the software.
-
Product - The name of the system, package, or component. Product and vendor are sometimes identical.
-
Source - A Censys-specific field indicating the identification of the software. Values include:
-
Fingerprint - A Censys mapping of software indicated during protocol-specific scans to CPE-formatted software URIs.
-
Server - A string pulled from the HTTP server header that had no fingerprint match.
-
X-Powered-by - A string pulled from the HTTP x-powered-by header that had no fingerprint match.
-
-
All Hosts - A list of the IP addresses representing the hosts running the software version.
-
All CVEs - A list of all of the CVE IDs associated with the software version.
-
Association Date - The date that the software version was first seen on one of your hosts.
Download Software Data
You can export the software catalog as a comma separated value (CSV) sheet for use in other products and workflows. Click the Download CSV button in the right-hand corner at the top of the table.
The default filename is {timestamp}_{customerName}_SoftwareExport.csv, and the columns in the CSV file reflect the columns displayed in the table when exported.
Comments
0 comments
Article is closed for comments.