Skip to main content
Introducing Polarity Intel Edition: Streamlining Intel Distribution for SecOps
Polarity Intel Edition
Request a Demo

ThreatConnect and Censys: Enrich Threat Data to Enhance Decision Making

ThreatConnect and Censys (www.censys.io) have partnered to deliver the Censys Playbook App. This App allows you to retrieve multiple types of enrichment information for IOCs. Additionally,  it allows you to craft custom Censys searches to retrieve result sets based on factors such as software versions being run, services running, open ports, and more. You can even use it to monitor your own potentially open and vulnerable infrastructure, among numerous other possible use cases. 

 

Censys Address Enrichment Playbook App

Censys Address Enrichment Playbook App

 

The integration with Censys allows you to:

  • Aggregate Enrichment Data Sources for a More Holistic Understanding of Threats 
    • As part of your security process, you may want to aggregate available enrichment and analysis from various outside sources into one location- the ThreatConnect Platform. You will have a more holistic understanding of potential threats to make the most informed decision as part of your analytic, investigative, and remediation actions.
  • Corroborate or Dispute Outputs for More Confident Decision Making 
    • As part of your analysis process, you can utilize information from Censys to aid and corroborate intelligence analysis or validate the accuracy and severity of security alerts. By corroborating this information, you can feel confident to make informed decisions.
  • Monitor your Infrastructure
    • As part of your security process, you can craft custom Censys searches to retrieve result sets based on many factors such as software versions being run, services running, open ports, rouge services, vulnerable software, and more. This means you can monitor for potential instances of your own enterprise’s infrastructure appearing in the Censys data set allowing direct and immediate value to be derived.

The following actions are available with this Playbook App:

  • DNS Lookup
  • Reverse DNS Lookup
  • Search Censys
  • Get Enrichment
  • Parse Results

Together, ThreatConnect and Censys help you to enrich Threat data so that you can make informed decisions and proactively monitor your own infrastructure. If you’re a ThreatConnect customer, please reach out to your dedicated Customer Success Team for more information on using the Censys Playbook App. If you’re not yet a customer and are interested in ThreatConnect and this integration, please contact us at sales@threatconnect.com.

 

About the Author

ThreatConnect

By operationalizing threat and cyber risk intelligence, The ThreatConnect Platform changes the security operations battlefield, giving your team the advantage over the attackers. It enables you to maximize the efficacy and value of your threat intelligence and human knowledge, leveraging the native machine intelligence in the ThreatConnect Platform. Your team will maximize their impact, efficiency, and collaboration to become a proactive force in protecting the enterprise. Learn more at www.threatconnect.com.