The Censys ASM for Splunk app brings an outside-in perspective of organizations' Internet-facing networks to security operations. Changelog events related to the attackable surface area of an organization can be imported to Splunk in order to update inventory and to help security professionals prioritize and remediate risk. Data from the Censys ASM Logbook is visualized with a pre-built dashboard that can be customized with additional views. Events can also be searched using Splunk SPL as part of security investigations. Sample Host Events Generated by the Censys ASM platform - Port Opened on Host - New Protocol on Host - Software Detected on Host (CPE format supported) Sample Risks Detected by the Censys ASM platform - Insecure TLS settings - Services that should be not be publicly exposed - Exposed storage buckets with loose permissions Use these events to trigger investigations or remediations, or to enhance logs and playbooks in downstream security flows.
(0)
Categories
Created By
Source Code
Type
Downloads
Licensing
Splunk Answers
Resources