The following enhancements and improvements are now available to Censys users.
Censys Platform
- The new Censys Platform is now available. The Censys Platform gives you sharper insights into internet-facing assets and actionable intelligence to mitigate risks.
- Read our new documentation for the Censys Platform to learn how to use the new datasets, query language, and additional functionality.
- This initial release of the Platform is available to Free and Standard license users. Additional features and support for Enterprise customers will be released in the coming weeks.
Censys Search
- Deployed improvements to the automatic protocol detection of certain protocols running on non-standard ports.
- Added support for Trend Micro Locality Sensitive Hash (TLSH) of HTTP bodies.
- These values are present in the services.http.response.body_hashes field and are prepended by tlsh.
Censys ASM
- Updated the Saved Query Automation configuration UI in the ASM console. You can now configure saved query alerts as well as auto-tagging (see below) from the new “Automate” menu for saved queries.
- Save time and accelerate research and remediation by automating manual workflows with auto-tagging.
- Whenever an asset matches a saved query, that asset is tagged. When an asset no longer matches the saved query, the asset is untagged.
- Auto-tagging checks for new or removed assets every hour.
- You can enable or disable Auto-tagging in the updated Saved Query Automation UI.
- Auto-tagging is available to ASM Enterprise customers.
- Learn more about Saved Query Automation in this video.
Rapid Response
The Censys Rapid Response team published information about and queries for the following issues and vulnerabilities.
- Critical Vulnerabilities in Ivanti Connect Secure, Policy Secure, and CSA nCVE-2025-22467 & 3 Others]
- Use the following queries to map Ivanti products. Not all of these are necessarily vulnerable, as specific version information may not be available.
- Censys Platform query
- Censys Search query
- Censys ASM query
- Censys ASM risk query CVE-2024-10644 & CVE-2024-38657]
- Censys ASM risk query CVE-2025-22467]
New Fingerprints
Added the following fingerprints.
| Type | Name | Description | Query |
| risk | Vulnerable Ivanti Connect Secure Application cCVE-2024-10644 & CVE-2024-38657] | This Ivanti Connect Secure (before 22.7R2.4) application is vulnerable to CVE-2024-10644 & CVE-2024-38657. CVE-2024-10644 is a code injection vulnerability and CVE-2024-38657 is an OS injection vulnerability. Both vulnerabilites require the attacker to be authenticated with administrative privileges and have the potential impact of remote code execution if exploited. | |
| risk | Vulnerable Ivanti Connect Secure Application cCVE-2025-22467] | This Ivanti Connect Secure (before 22.7R2.6) application is vulnerable to CVE-2025-22467, a stack based overflow vulnerability that allows a remote authenticated attacker to achieve remote code execution. |
