Ann Arbor – To scan the internet sounds like a dizzying, if not impossible, task. But one team of researchers at the University of Michigan figured it out within hours.
This technology, called the ZMap Scanner and developed within the computer science department, represented a new frontier in cybersecurity, so J. Alex Halderman, Zakir Durumeric and David Adrian -- along with two experienced executives including Dave Corcoran, struck a deal with the university and spun it into their own startup: Censys.
The company received its first funding from local angel investors, including Duo Security. In June 2018, Censys raised just over $2 million in seed funding. and raised another round in August. That amount is still under wraps.
✉ Like what you're reading? Sign up for our email newsletter here!
Duo Security co-founder and General Manager Dug Song also serves on Censys' board.
"In a fast-moving environment, organizations need to look both inside-out, and outside-in to see what attackers can see, and where you are vulnerable," Song told investment firm Decibel in a recent interview. "Censys has created a search engine that maps the world's networks, devices and internet-facing attack surface. It's like a detailed Google Maps view for every public IP address."
When the founders spun out of the University of Michigan in 2017, they got to work right away out of a small house on Liberty Street. They found that the ZMap Scanner had about 60,000 users, many of whom were in the Fortune 2,000.
"What we found very quickly was that not only did the people who were using the data find it very valuable, but they were actually willing to pay for it," said Corcoran, Censys' CEO. "So, we put a price tag on it, we started selling it. We got a bunch of customers in the first few months."
The Censys team spent months speaking with clients to find out what they use the technology for. "It was predominantly to track external threat actors, and then they wanted to see what their network posture was," said Corcoran. "Since we scan the internet from the outside in, we can actually tell you as a company what you look like from an attacker’s perspective."
In early 2019, the team began to automate the technology so it could help companies and organizations filter through massive amounts of data.
"We can help you find anomalies in your network, and those anomalies are the things you want to track," said Corcoran. "Because if you can’t track everything you have on the internet that’s exposed, how are you going to secure yourself? It’s kind of this new product, new market, which is attack surface discovery. People want to know: What do they look like from an attacker’s perspective?"
Censys' clients include Google, the U.S. Department of Homeland Security, NATO, the Swiss Armed Forces and others.
With 30 employees in Ann Arbor; Ottawa, Ontario; Pittsburgh; and Fort Wayne, Indiana, the company plans to more than double its team by next year. One year ago, the team moved into a four-story building on Main Street in the heart of downtown Ann Arbor and plans to fill the space quickly with new talent.
Who are they looking for?
"Most of it is software developers. We love people with security network experience, people who truly understand how the internet works," said Corcoran. "We need people that are sales or sales engineers. We also need product management as the product gets a little more complicated moving forward."
The product will become available for the general public next week, a step that Corcoran said the team is "super excited" about.
As for Ann Arbor, Censys is here to stay.
"There's too much DNA here," said Corcoran. "There’s always a situation where you might open another office somewhere else, and it might be because you’re trying to capture a certain talent pool. Duo opened an Austin office, for example. That’s always an option."
To learn more about Censys, visit www.censys.io.
All About Ann Arbor is powered by ClickOnDetroit/WDIV.