Censys ASM

Censys ASM

Overview

The Censys ASM integration provides continuous visibility into your organization's vulnerability posture by connecting the Praetorian Guard Platform (PGP) to your Censys Attack Surface Management workspace. This integration ingests risks, and optionally assets, that Censys ASM discovers for your organization so they can be correlated with the rest of your attack surface in PGP.

This integration operates in a read-only capacity. PGP queries the Censys ASM API to retrieve risk and asset data and never modifies workspaces, scans, or configurations in Censys.

Note: This is a different product than Censys Search. If you want to ingest data from the Censys Search API (internet-wide scanning), use the separate Censys integration.

What the Integration Does

When connected, PGP authenticates to the Censys ASM API using a workspace-scoped API key and performs a read-only sync. Two independent import streams can be enabled per connection:

  • Vulnerability import -- Risks identified by Censys ASM are imported into PGP as risks, preserving severity and affected-asset context.

  • Asset import -- Discovered hosts, domains, and certificates are imported into PGP as assets, extending your PGP inventory with assets Censys ASM has attributed to your organization.

Multiple Censys ASM workspaces can be connected by configuring the integration once per workspace.

Prerequisites

Before setting up the integration, ensure you have:

  • An active Censys ASM subscription with access to at least one workspace

  • A Censys ASM API key for each workspace you want to connect

Identifying Your Workspace

  • Log in to Censys ASM at https://app.censys.io

  • Your workspace name appears in the top-left corner of the dashboard

  • If you have multiple workspaces, note the name of each one you want to connect

Generating an ASM API Key

  • In the Censys ASM console, navigate to Integrations (https://app.censys.io/integrations)

  • Your ASM API key is displayed at the top of the Integrations page

  • Copy the API key -- this is a single token, not an ID:Secret pair

Each API key is scoped to one workspace. If you need to connect multiple workspaces, you will need a separate API key for each.

Setup

  • In PGP, go to Integrations and click Add Integration

  • Select Censys ASM (under Cyber Asset Attack Surface Management)

  • Enter the required credentials and choose your import preferences

  • Click Submit -- PGP will validate the credentials before saving

To connect additional Censys ASM workspaces, repeat these steps with a different Workspace Name and API key.

Field Reference

Field

Description

Required

Workspace Name

A label to identify this connection (e.g., "Production", "Staging")

Yes

ASM API Key

The workspace-scoped ASM API key from the Censys ASM Integrations page

Yes

Import Vulnerabilities

Import risks identified by Censys ASM

No

Import Assets

Import discovered hosts, domains, and certificates

No

Permissions

The ASM API key does not have granular permission scopes. It grants full read access to the workspace it belongs to. No special roles or permissions need to be configured in Censys ASM for this integration.