It’s not every undergraduate student who falls into a research project in order to avoid a machine learning class, and shortly has 30,000 customers, but that’s what happened to David Adrian of Censys. Which isn’t to say he isn’t brilliant and hard-working. He definitely has that whiz kid mannerism about him, and he knows his stuff. Adrian was a student at the University of Michigan when he helped with the ZMap research project that became Censys: a way to “do a single port scan of the entire Internet in 45 minutes. [Founder Zakir] used that to find HTTPS servers,” Adrian says.
I asked Adrian how Censys went from the U of M ZMap research project tool to how big it is today. “In October of 2015, we published a paper about Censys called ‘A Search Engine Backed by Internet-wide Scanning‘ at [the ACM Conference on Computer and Communications Security (CCS)],” he says, “and said we were available at https://censys.io.” It took off from there.
“The tool was open source and public and other people knew about it and wanted to be able to use it, but not everyone had the structure set up to be able to do these large network scans. Their IT department wasn’t supportive or their legal department wasn’t supportive,” Adrian says, “or they didn’t have a gigabit uplink like the University of Michigan, which has basically unlimited bandwidth. And not everyone wants to deal with this…. Someone emailed us and asked, ‘What percentage of servers support this kind of outdated cryptography? I don’t want to figure this out, just do it for me.’ To answer that would have required doing some scans and trawling through a terabyte of data. We built Censys as a tool for researchers that is basically a searchable database over all of the data.”
Censys was designed to help researchers answer security-related questions. Censys is used to identify and resolve threats from vulnerable servers, to stop domain impersonation, and to stop targeted attacks. According to Censys, the search product “supports full-text searches on protocol banners and querying a wide range of derived fields. It can identify specific vulnerable devices and networks and generate statistical reports on broad usage patterns and trends. Censys returns these results in sub-second time, dramatically reducing the effort of understanding the hosts that comprise the Internet.” So, if you want to know which servers belong to whom, inquire about system vulnerabilities, or use the data in a host of any other ways, Censys allows you to find the data you need about the landscape of servers online, and very quickly. The thing is, that’s a lot of data, and not everyone’s organization is set up to be able to make the most of it efficiently.
Adrian tells me Censys is now working on a product to go on top of the database that can help analyze data for customers — to increase the accessibility of the security information and to bring Censys product to a broader market. It’s the next logical step for a company growing by leaps and bounds.
I asked Adrian if he is happy he fell into this, or is looking forward to moving on to other plans. He says he’s the one in it definitely for the longterm at Censys. “I see it as a positive that we fell into this,” he says, “because that means we weren’t grasping at straws. We were drowning in straws trying to ignore them.”
Adrian says Censys is lucky they found office space on Main Street in Ann Arbor they could expand into. If he had an ask, it would be for even more space, particularly for events. Finding office space can be a challenge in Ann Arbor, he says, when the city would always rather build a park than more office space. Tree Town politics aside, he is happy to be here, and counts himself lucky. If you would like to connect with David Adrian to talk security, you can reach him by email.