Use Censys to Find Seeds
Seeds are cornerstone entities used to map the entirety of your Internet-accessible attack surface.
In addition to seeding the ASM platform with long-lived entities owned or administrated by your organization yourself, Censys can now help find seeds for your organization by searching registration data from Internet-artifact repositories.
When Can Censys Find Seeds?
Using Censys to find seeds will be most successful for organizations with these characteristics:
Large orgs with lots of (publicly registered) infrastructure
Large companies with lots of subsidiaries
Recent acquisitions: when one org is inheriting a new attack surface
If your organization leverages third parties to maintain privacy guards on registered Internet artifacts, seed results will be limited.
To leverage this capability at any time, click on your username icon in the top right corner of the app and select Input Data from the dropdown menu.
There are four steps to enable Censys to find seeds:
Step One: Input an Organization Name
On the input step, type the name of your organization in the text box and select the correct match from the list of organizations in the dropdown.
If you do not see your organization in the list, you can choose instead to enter a domain name. Type the 'flagship' domain name that represents your organization.
|Censys will only find subsidiaries if an organization is selected by name. Using a domain name will not yield subsidiaries or their seeds.|
After you’re done, click the *Next Step button.
Step Two: Review Subsidiary Organizations
On this page, review any subsidiaries that Censys found and decide whether you wish for these subsidiaries to be mapped by Censys and included in your organization’s Internet presence.
All subsidiaries are selected to be included in the seed search by default. Exclude a subsidiary by clicking the Do Not Find Seeds button in its row.
After you’ve confirmed the subsidiaries whose seeds and assets should be included in this workspace, click the Next Step button.
Step Three: Review Registration Information
There are two pieces of registration information that Censys uses to find additional seeds that may be registered to your organization: the Registrant Organization, and the Registrant Email Address.
On the Review Registration page, examine the list of organization names and email addresses that were found in registration records for netblocks and domains.
Censys recommends that you do not include Registrant Organization names and email addresses representing third parties that your organization utilizes for privacy protection and registration upkeep.
Step Four: Review and Submit
If you entered any seed data manually, you will see it listed on the verification step. Resolve any issues and verify the correctness of all of your assets in each section. Then, click Submit.
Once you’ve submitted your reviewed data, Censys will find seeds for all of the subsidiaries with the selected registration information, and from there, map every asset in your attack surface.
You will receive an email when your attack surface is ready to review, and then you can tour the dashboard.