Censys scans the entire public internet - daily $70M strategic raise led by Morgan Stanley Expansion Capital, 2026 ~$149M total funding to date Trusted by 50%+ of the Fortune 500 Selected by the U.S. Office of the Director of National Intelligence Born from ZMap at the University of Michigan 4 billion IP addresses pinged every day Censys scans the entire public internet - daily $70M strategic raise led by Morgan Stanley Expansion Capital, 2026 ~$149M total funding to date Trusted by 50%+ of the Fortune 500 Selected by the U.S. Office of the Director of National Intelligence Born from ZMap at the University of Michigan 4 billion IP addresses pinged every day
Ann Arbor, Michigan  •  Founded 2017 THE COMPANY FILE  •  No. 519290
Internet Intelligence • Cybersecurity

Censys.

The company that takes a running census of the entire internet - and hands the map to the people defending it.

Censys logo - two interlocking orange rings beside the wordmark on a deep navy field

The Censys mark: two rings that don't quite close, like the internet it tries to enclose. Photographed as it appears - a wordmark that has outgrown the lab it was born in.

~4B
IPs scanned daily
300K+
Security practitioners
$149M
Total funding
50%+
of the Fortune 500
The Profile

A search engine for everything plugged into the internet

Here is a fact that should probably bother you more than it does: your organization almost certainly has things connected to the internet that nobody remembers connecting. A test server from 2019. A cloud instance a contractor spun up. A certificate that expired and then didn't. Attackers love these things, because the first rule of getting into a network is finding a door nobody is watching. Censys is a company built on the premise that you cannot defend a door you don't know exists - so it went and cataloged all the doors.

The way it does this is almost aggressively literal. Every day, Censys scans the public internet - roughly four billion IP addresses - records what it finds, and organizes the result into something you can search the way you'd search Google. What services are running on this host? Which certificates does this organization use? Where is this piece of malware infrastructure hiding? The internet is enormous and mostly opaque, and Censys's entire proposition is that opacity is a choice, not a law of physics. You can, in fact, look. Censys just does the looking at scale, on a schedule, and sells you the results.

"Censys aims to maintain a complete, searchable database of everything on the Internet."- The stated mission, more or less unchanged since the lab days

If that sounds like an academic ambition, that's because it started as one. The commercial polish came later. What you're looking at is a research project that grew up, put on a blazer, and discovered that half the Fortune 500 would pay for what it had been giving away to grad students.

Origins

From a 45-minute scan to a company

In 2013, a University of Michigan graduate student named Zakir Durumeric wrote a tool called ZMap. The pitch for ZMap was slightly unhinged in the best academic way: it could scan the entire public IPv4 address space - every address on the internet - in under 45 minutes. Before ZMap, surveying the whole internet was a months-long research undertaking. After ZMap, it was something you could do before lunch.

Once you can scan the internet in 45 minutes, an obvious question follows: what do you do with all that data? The answer, developed in professor J. Alex Halderman's lab, was Censys - a searchable database built on top of ZMap's firehose. It launched as a research project in 2015. By 2017, Durumeric had teamed up with an entrepreneur to spin it out as an independent company in Ann Arbor, and the thing that had been a way for researchers to ask questions about the internet became a way for security teams to ask questions about their own exposure.

The name is a pun on census. Censys takes a census of the internet. Once you see it, you can't unsee it.- A fun fact that doubles as the entire business model

This origin matters more than a typical founding story, because the data is the whole company. Anyone can build a dashboard. Very few organizations can credibly claim to have a fresh, high-fidelity map of the entire internet refreshed daily. That map is the moat, and the moat was dug by a scanner that runs faster than your coffee break.

The Product

What you can actually do with it

Censys packages its internet map into a few products that all draw from the same well. Censys Search, the original, lets researchers and defenders query internet hosts, services, and certificates in real time. Attack Surface Management - the pivot the company made around 2019 - turns that lens inward: it continuously discovers an organization's known and, more importantly, unknown internet-facing assets, then scores each exposure by severity so a security team knows what to fix first. And the broader Internet Intelligence Platform stitches it all together for threat hunting and tracking adversary infrastructure across the open internet.

The practical value is unglamorous and enormous. A bank finds the forgotten subsidiary domain still serving an old login page. A government agency maps the infrastructure a threat actor is quietly reusing across campaigns. A software company gets a running inventory of every cloud asset carrying its name, including the ones its own engineers forgot about. This is not exciting in the way a zero-day is exciting. It's exciting in the way an accurate inventory is exciting to anyone who has ever been robbed through a door they didn't know was unlocked.

Who's on the customer list
GoogleMicrosoftT-MobileVerizonWalmartPepsiCoBank of AmericaBloombergCrowdStrikeRockwellStanford MedicineSwiss Armed ForcesCISAU.S. DHS
The Money

Roughly $149 million, and a government mandate

Investors have found the census compelling. Censys raised a $2.6M seed in 2018 with GV among the early backers, a $15.5M Series A in 2020, and a $35M Series B in early 2022 led by Intel Capital - the round that also brought in Brad Brooks, a veteran of OneLogin and DocuSign, as CEO. Then in March 2026 the company closed a $70M strategic round - $40M in equity plus $30M in debt - led by Morgan Stanley Expansion Capital, pushing total funding to about $149 million.

2018
$2.6M seed
2020
$15.5M Series A
2022
$35M Series B
2026
$70M strategic

The stated use of the 2026 money is to make the internet map "AI-actionable," which is the kind of phrase that usually means nothing and occasionally means something. Here it plausibly means something, because the bottleneck for AI in security has never been the models - it's the data. An automated system reasoning about threats is only as good as its picture of reality, and Censys spent a decade building an unusually clean picture of reality. The bet is that whoever owns the ground truth gets to sell it to everyone building on top.

The vote of confidence that's harder to buy came in 2024, when the U.S. Office of the Director of National Intelligence selected Censys to provide its Internet Intelligence Platform to U.S. intelligence agencies. Governments do not, as a rule, outsource their view of the internet casually. That they chose a company from an Ann Arbor lab says something about how good the data has to be.

You can't defend what you can't see.- The unofficial one-line thesis of attack surface management
The Landscape

Censys, Shodan, and the map wars

Censys is not the only company that scans and indexes the internet. Its most famous peer is Shodan, the search engine that made "the internet's IoT devices are terrifyingly exposed" a mainstream idea. The larger security platforms circle the same territory - Palo Alto's Cortex Xpanse, Microsoft Defender EASM, Rapid7, Tenable, CyCognito, GreyNoise. What separates them is mostly the quality and freshness of the underlying data, which is a boring thing to compete on and also the only thing that ultimately matters. A map that's out of date is worse than no map, because it tells you you're safe in exactly the places you aren't.

Censys's edge is genealogical. It came from the people who wrote the scanner that made fast internet-wide measurement possible in the first place, and it treats data quality as a research discipline rather than a feature. Whether that edge holds as the giants pour resources into the category is the open question. But it's a good position to defend: the internet keeps getting bigger, the number of forgotten doors keeps growing, and the demand for someone to keep an honest count is not going away.

The Culture

A research lab that learned to sell

You can usually tell a company's origin by what it treats as sacred, and at Censys the sacred thing is the data. That's the tell of a company still run, in spirit, by researchers. The open-source ZMap project remains part of the story rather than a discarded prototype, and the founding academics - Durumeric, now the company's Chief Scientist, and his faculty advisor Halderman - kept measuring the internet as a scholarly pursuit even as the commercial product took shape. It gives Censys an unusual dual identity: half security vendor, half internet-measurement observatory. The community that came up on free access to Censys data for research is not an afterthought; it is arguably the reason the data is trusted at all.

That heritage also shapes how the company talks about itself, which is refreshingly free of the doom-marketing common in cybersecurity. There is no countdown clock, no cartoon hacker in a hoodie. The proposition is closer to accounting than to warfare: here is a complete inventory, here is what's exposed, here is what to fix first. It's a quieter pitch, and a more durable one, because inventories don't go out of fashion the way threats-of-the-week do.

The Stakes

Why an honest map of the internet matters

Step back and the reason this company exists is almost philosophical. The internet was built as a network of trust between machines that mostly assumed the other side was friendly. It grew far past anyone's ability to keep track of it, and the gap between what organizations think they have online and what they actually have online is where an enormous share of breaches happen. That gap is not a technology problem you can patch. It's a knowledge problem - and knowledge problems get solved by better measurement.

Censys is a bet that measurement is the foundation everything else sits on. You can buy the smartest detection system in the world, but if it's blind to the asset that gets compromised, it may as well not exist. By keeping a running, daily census of the whole internet and handing organizations back the slice that is theirs - including the parts they'd forgotten - Censys is selling the least glamorous and most load-bearing thing in security: an accurate picture of reality. That the map came out of a 45-minute scanner written by a graduate student is the kind of detail that makes the whole thing more believable, not less.

The Questions People Ask

FAQ

What does Censys actually do?
It maintains a real-time, searchable map of the public internet and turns that data into products for attack surface management, threat hunting, and exposure management - helping defenders find and fix internet-facing risk before attackers exploit it.
Where did Censys come from?
It grew out of the ZMap internet-scanning project at the University of Michigan, launched as a research tool in 2015 and spun out as a company in 2017 in Ann Arbor, Michigan.
Who uses it?
More than 300,000 security practitioners, over half the Fortune 500, and U.S. government and intelligence agencies - including customers like Google, Microsoft, T-Mobile, CISA, and the Swiss Armed Forces.
How is it different from Shodan?
Both scan and index internet infrastructure, but Censys emphasizes daily-refreshed, high-fidelity data and a broader enterprise platform spanning attack surface management, threat hunting, and exposure management.
How much has Censys raised?
Roughly $149M in total, including a $70M strategic round ($40M equity plus $30M debt) in 2026 led by Morgan Stanley Expansion Capital.

Share the file on Censys

Go Deeper