Censys Gets $75M to Grow Globally, Spend on Cloud, AnalyticsNew Capital, Debt Funding Will Help Censys Analyze History of Vulnerable Data
A threat hunting and exposure management startup led by ex-OneLogin CEO Brad Brooks received $75 million to invest in cloud and analytics and grow globally.
Ann Arbor, Michigan-based Censys said the combined equity and debt funding will allow the company to offer a more complete look at the history of vulnerable data as well as what's taking place in real time across customer cloud environments. The money will also enable Censys to grow in government, large-enterprise and international markets and give organizations a better picture of what's happening in their environments (see: The State of Security Leadership).
"If you've got a product that's in high demand, the money is out there," CEO Brooks told Information Security Media Group. "We believe we have the most comprehensive golden map of the internet in terms of what we've built around a view of the infrastructure of the entire internet. And we do some things that nobody else does around attributing ownership of specific items on the internet."
Demystifying Data in the Public Cloud
Brooks said the investment consists of a $50 million Series C capital raise led by Decibel Partners, GV, Greylock and Intel Capital as well as $25 million in debt funding from SVB Capital. Censys was founded in 2017, employs 129 people and has raised $128.1 million in outside funding. The company closed a $35 million Series B round led by Intel Capital in January 2022, and Brooks started as CEO that same month.
Censys today can tell customers whether their data is in a state that's exploitable, and Brooks said the company's investments will help customers determine how long their company has been in a vulnerable state as well as what changed to make the data exploitable. The company has built a historical record going back to 2017 and can look at how the posture of specific pieces of data has changed over that time, Brooks said.
"We have the most comprehensive golden map of the internet."
– Brad Brooks, CEO, Censys
The company also plans to double down on its ability to perform real-time scanning of what's taking place in public cloud settings such as Amazon Web Services and Google Cloud. Censys' history and attribution capability allows customers to determine how long they've owned a particular asset in the public cloud as well as the state it's currently in, and updates are continuously provided in real time, according to Brooks.
"Environments change very quickly in terms of the structure and ownership of assets that are identified within those environments," Brooks said. "Being able to do that very quickly is a big data problem and a big scale problem. And it's an area where we've started off, but we want to really increase the investment technologically to expand out."
Critical Protection for Critical Infrastructure
From a go-to-market perspective, Brooks said, Censys wants to fulfill demand in the U.S. government market around both what the posture of their critical infrastructure looks like on a day-to-day basis as well as what the offensive threat landscape looks like globally around specific types of threats. In the enterprise space, he wants Censys to do more work with hospitals, which are facing a barrage of ransomware attacks.
Brooks would like to see Censys' revenue from outside North America increase from 25% today to more than 30% a year from now by taking advantage of opportunities with Western European organizations concerned about fallout from the Russia-Ukraine war. Similarly, China's aggression has created opportunities with organizations in Taiwan and Japan for robust cyber protection, according to Brooks.
As far as metrics are concerned, Brooks wants to increase the number of unique searchers on Censys' platform beyond the existing 350,000 figure as well as expand the consumption of data within the security models of existing users. Increasing usage will boost top-line revenue as well as profitability, according to Brooks.
"At the end of the day, we get the visibility with a very strong signal. We do it better than anybody else," Brooks said. "We update faster and more frequently, and we give a more comprehensive picture."