Censys Raises $70M to Advance AI-Driven Threat Intelligence #AI

See Also: AI Security Risks Rise With Agentic Systems

The $40 million Series D and $30 million of debt financing will enable Ann Arbor, Michigan-based Censys to give organizations insight into their own infrastructure, supply chains and adversary behavior through internet-wide intelligence, said co-founder and CEO Zakir Durumeric. Without that context, Durumeric said AI risks making incomplete or incorrect security decisions.

“We have seen for many years how many of the most sophisticated teams have been able to leverage this data to understand themselves, understand their supply chain, understand adversaries and to really proactively protect themselves on the internet,” Durumeric told ISMG.

Censys, founded in 2017, employs 166 people and has raised $198 million, having last brought in $75 million of Series C funding and debt financing in October 2023. The company has been led since fall 2025 by Durumeric, who has served as Censys’s chief scientist from the company’s establishment until last year. Durumeric is also a Stanford assistant professor focused on internet security, trust and safety (see: Censys Gets $75M to Grow Globally, Spend on Cloud, Analytics).

Interpreting Internet Data and Turning It Into Action

Durumeric said Censys was historically known for offering deep visibility into internet infrastructure to highly sophisticated security teams that can interpret raw data and turn it into action. Instead of requiring elite expertise to interpret signals, Censys aims to embed intelligence directly into workflows and tools so the firm’s intelligence can be consumed by a broad range of organizations, Durumeric said.

“We’re really focused on, ‘How do we enable the next generation of security operations solutions and playbooks with this right context, this right intelligence, to make the fast triage decisions and the fast prioritization decisions as accurately as possible?'” Durumeric said.

The time between vulnerability disclosure and exploitation is shrinking rapidly as attackers automate reconnaissance and weaponization, enabling them to operate at unprecedented speed and leaving defenders with less time to react. And early evidence shows adversaries using AI agents to orchestrate attacks, test multiple vectors simultaneously and adapt in real time, which raises the stakes significantly.

“I think the future we know is going to have to be a much more real-time, automated approach to security,” Durumeric said. “We’re not going to necessarily have time to manually understand, prioritize and patch the systems before attackers begin to exploit what is on the internet.”

Given the speed and sophistication of modern attacks, traditional, manual security processes are no longer viable since organizations can’t rely on humans to investigate, prioritize and patch vulnerabilities fast enough to keep pace. The future of security operations must therefore be real-time and automated and include continuous monitoring, rapid prioritization of threats and automated response mechanisms.

“What I think is very exciting about this moment in time is how people are starting to leverage AI to automate many of these processes,” Durumeric said. “And what we’re really excited about at Censys is how AI can pair with data to really develop the next generation of solutions.”

Why Organizations Struggle to Understand Own Environment

One of the most persistent challenges organizations face is understanding their own environment, with many companies struggling to determine what assets they own, what’s exposed and what’s vulnerable. Enterprises are increasingly distributed across multiple cloud environments, Durumeric said, resulting in a sprawling, fragmented attack surface that’s difficult to map and secure.

“The infrastructure is what has to be protected,” Durumeric said. “It’s what attackers are using to mount these attacks.”

Traditional threat intelligence has largely been reactive based on analyzing past incidents and sharing indicators of compromise after attacks occur, which Durumeric said is no longer sufficient. Censys is focused on enabling proactive defense by identifying attacker infrastructure before it’s used in attacks. By probing patterns and behaviors, the firm aims to spot malicious infrastructure as it’s being prepared.

“There’s a lot of opportunity for how we make our protection of ourselves on the internet to be more real time and automated, how we’re building up the intelligence needed to really prioritize and respond to these attacks as quickly as possible, as well as to help organizations become more proactive in defending themselves by tracking how adversaries are changing in real time,” Durumeric said.

Other vendors focus on specific domains such as malware analysis, domain intelligence or darkweb monitoring, while Durumeric said Censys focuses on connecting the dots between attacker behavior and actionable defense. While organizations may understand tactics and techniques, they ultimately need to take concrete actions such as blocking IP addresses, patching systems or investigating specific assets.

“For the most part, there aren’t other providers that are providing this type of infrastructure intelligence that we see,” Durumeric said.