In today’s rapidly changing cyber threat environment, traditional “inside-out” cybersecurity strategies, which focus primarily on defending from within, are no longer be sufficient. A fresh perspective that allows organizations to see their attack surface as a potential hacker would is becoming essential to stay ahead of increasingly sophisticated cyber threats.
Recognizing this need, Tabatha Von Koelichen, Regional Sales Director for DACH and Central Europe at Censys, and Harald Roeder, Senior Solution Engineer at Censys, led a workshop titled “How to Think Like an Attacker: Preventative Cybersecurity with Censys,” where they demonstrated how organizations could harness Censys’ solutions to proactively identify and mitigate risks. The workshop was part of SC World's Vulnerability Management Virtual Summit.
The session began with an overview of the evolving threat landscape, emphasizing the speed and creativity with which attackers exploit vulnerabilities. As cybercriminals are now capable of identifying and attacking newly disclosed vulnerabilities within days, it is critical for security teams to adopt an “outside-in” approach to continuously monitor and secure all internet-exposed assets. The workshop introduced attendees to the Censys Internet Intelligence platform, a tool designed to provide such an outside perspective. Through daily internet-wide scanning, Censys offers insights into the security posture of organizations by detecting all internet-facing assets, whether on known or shadow IT infrastructure.
The Censys platform is composed of two main features: Internet Search and Attack Surface Management (ASM). Censys Internet Search functions as a global “map” of the internet, allowing cybersecurity teams to search for assets across IP addresses, hostnames, and top-level domains, among others. The ASM feature acts more like a “street view” specifically focused on the organization’s infrastructure, providing a detailed, up-to-date view of exposed services and vulnerabilities. This approach empowers organizations to detect unknown assets and weaknesses, giving security teams the insights needed to prioritize and address high-risk areas before attackers can exploit them.
One of the unique elements of Censys’ approach is its comprehensive scanning capability. The company has installed its scanning technology across seven tier-one ISPs, enabling daily scans of 250 million IPv4 hosts and 202.7 million IPv6 hosts. This infrastructure allows Censys to provide users with fresh, relevant data that includes insights into open ports, software vulnerabilities, and SSL/TLS certificate status across an organization’s internet-facing assets. This vast data collection effort, coupled with continuous updates and real-time notifications, allows organizations to maintain a highly dynamic and up-to-date picture of their external security posture.
Roeder’s live demonstration showcased how Censys identifies vulnerabilities associated with specific assets, giving attendees a firsthand look at the platform’s capabilities. He demonstrated Censys’ ability to find and analyze command-and-control servers, detect critical vulnerabilities, and assess security postures based on location or asset type. Additionally, Roeder highlighted the ASM feature’s integration capabilities, allowing Censys data to connect seamlessly with other security systems, such as SIEM and SOAR platforms, to streamline threat detection and response.
As part of the workshop, the presenters shared examples of real-world organizations that have successfully leveraged Censys to secure their digital landscapes. For instance, the Federal Office for Information Security (BSI) in Germany and Swiss Life, a large insurance company, have used Censys’ insights to gain a clear, actionable view of their internet-facing infrastructure.
In closing, Von Koelichen emphasized that seeing an organization’s vulnerabilities through the eyes of an attacker provides a unique advantage in the fight against cyber threats. By adopting Censys’ outside-in perspective, organizations are better equipped to protect themselves against costly breaches and security incidents.
