Internet-Scanning U-M Startup Offers New Approach to Cybersecurity


Ann Arbor-based Censys, a tech startup based on technology developed at the University of Michigan, has announced the launch of the commercially available version of its internet-wide scanning tool.

Censys is based on technology that was developed in the lab of U-M computer science and engineering professor J. Alex Halderman. It works by continually scanning the internet and analyzing every publicly visible server and device before using the data to create a dynamic, searchable snapshot of the entire internet.

Designed for IT experts working to secure large networks, Censys is a cybersecurity defense tool that seeks to assist IT experts who currently have no way to get a comprehensive view of their own networks.

“Network security doesn’t have to be black magic,” says Halderman. “So much of security practice is based on untested assumptions, but in fact security can be quantified and studied the same way we use data to study human health.”

While scanning, Censys performs an “application-layer handshake,” which is a brief data exchange with every device that has a public internet address. After it dissects the data, it pulls out information such as protocol, device type, manufacturer, software version, and age. It also has tools capable of scanning for specific vulnerabilities and the ability for additional scanners to be added should new threats appear.

Since its start in 2015, Censys has been available for free to noncommercial users where it has been used in hundreds of peer-reviewed studies and helped researchers understand some of the most significant internet security threats of recent years, says Halderman.

Throughout the past six months, the team has worked closely with the U-M Office of Technology Transfer to license the technology and form a new company, making it available to commercial customers. IT experts are now able to use it to search all the devices in their domain in order to get a detailed view of their public internet footprint along with providing analytics that outline vulnerabilities.

For companies that want to build their own applications around the data that powers Censys, it will be available for licensing, while remaining free for noncommercial use.

According to Halderman, internet-wide scanning is not new as hackers have known about it for years. He feels Censys levels the playing field.

“It’s similar to Google Street View, where we’re gathering what’s already publicly visible and making it available in one place,” he says. “To extend the analogy, we just take a picture from the sidewalk. We don’t peek in the door, we don’t jiggle the locks.”

Networks that do not wish to be scanned can opt out. However, Halderman says this request has been rare over the past five years.

Censys has nine full-time employees and is an outgrowth of the ZMap Project, a suite of open-source internet scanning tools that Halderman’s lab began developing U-M in 2013. Censys builds on the ZMap Project. Censys CEO and co-founder Brian Kelly says that companies like Censys are helping to cement Ann Arbor’s status as a hub for tech security companies.

“It’s great to see that investors are no longer shy about investing in a company that isn’t in Silicon Valley, and the talent pool here is phenomenal,” says Kelly. “U-M in particular has been really helpful in creating an environment where we can take software products out of the lab and into the real world.”

The technology behind Censys is detailed in “A Search Engine Backed by Internet-Wide Scanning,” published in the Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security in 2015. The study was authored by Halderman; former U-M computer science and engineering students Zakir Durumeric, David Adrian and Ariana Mirian; and Michael Bailey of the University of Illinois.

Facebook Comments