Censys - tried connecting to my SMA on port 443

ScottK123

Yesterday our cybersecurity system detected an IP owned by Censys trying to connect to our SMA on port 443. Censys is a company I am not familiar with, but describes itself as “The Leading Internet Intelligence Platform for Threat Hunting and Attack Surface Management”. Censys has lots of posts about SonicWall vulnerabilities recently.

I'm wondering if Sonicwall has engaged with Censys for some sort of penetration testing? Or if Censys is just doing blanket attempts on public IP addresses to find vulnerable Sonicwall products?

ScottK123

I posted on Censys also. One of their support agents verified that it was Censys…scanning. They do perform scans…glad our cybersecurity system found it and I can now block the IP range it came from.