Use Censys to Find Seeds in Attack Surface Management
Seeds are the known assets that identify your assets on the public-facing web.
Besides the seeds you provide, Attack Surface Management can help find seeds for your organization by searching registration data from Internet-artifact repositories. If you're an Enterprise customer, you can specify that Attack Surface Management refreshes all of the seed-related data every night.
This article covers:
-
Business situations where Attack Surface Management is particularly successful at finding seed data.
-
How to navigate to the input pages.
-
Each step of the data input and review process.
Using Attack Surface Management to find seeds is most successful for organizations like these:
-
Large organizations with lots of (publicly registered) infrastructure.
-
Large companies with lots of subsidiaries.
-
Organizations with recent acquisitions, when an org is inheriting a new attack surface.
If your organization uses third parties to maintain privacy guards on registered Internet artifacts, seed results are limited.
To get started, click your username icon in the upper right of the app and click Add Seeds.
Use the wizard to let Attack Surface Management find seeds:
-
Step One: Input an Organization Name (or apex domain)
-
Step Two: Review Subsidiary Organization Changes
-
Step Three: Review Registration Information Changes
-
Step Four: Review Seed Changes
-
On the Input Data step, type the name of your organization in the text box and select the correct match from the list of organizations.
-
If you don't see your organization in the list, you can enter a domain name. Type the flagship domain name of your organization.
Note
Attack Surface Management only finds subsidiaries if an organization is selected by name. Using a domain name does not find subsidiaries or their seeds.
-
When you're done, click Next.
On this page, changes to subsidiaries that Attack Surface Management found appear. An initial run only has new subsidiaries to show.
-
Review any additions and decide whether you want these subsidiaries to be used by Attack Surface Management and included in your organization’s Internet presence.
-
Review any removed subsidiaries and follow the link to our business data provider to explore more.
-
Exclude a new subsidiary and its potential seeds by clicking Decline in the applicable row. All new subsidiaries are included in the seed search unless you decline them.
-
After you confirm the subsidiaries whose seeds and assets to be included in this workspace, click Next.
Attack Surface Management uses 2 pieces of registration information to find seeds that may be registered to your organization: the Registrant Organization name and the Registrant Email Address.
-
On the Review Registrant Information page, examine the lists of new and removed organization names and email addresses found in registration records for netblocks and domains that you may own. An initial run only lists new registrants.
-
To view any seeds that result from accepting a new registrant, expand the row.
-
Review the changes listed in the Registrant Organization tab and the Registrant Email tab.
Warning
Censys recommends that you do not include Registrant Organization names and email addresses of third parties that your organization uses for privacy protection and registration upkeep. Their use may result in finding seeds not belonging to your organization.
-
After you confirm the registrant information to be used to find seeds for this workspace, click Next.
You receive an email when your attack surface is ready to review, and then you can tour the dashboard.
Enterprise customers of the Censys Attack Surface Management platform can toggle Refresh automatically in the upper right, and Censys Attack Surface Management refreshes all of this seed-related data every night.
Enterprise users with the Refresh toggle enabled only need to go through the steps outlined in this article when they receive an email informing them of a seed-related change available for review.
Comments
0 comments
Please sign in to leave a comment.