Red Sift Brand Trust launches first GPT-4 powered feature, Relevance Detection

Relevance Detection is an AI-powered feature that automatically classifies the significance of identities found across sources such as DNS, WHOIS info, SSL certificates, and many others. By automatically pinpointing and highlighting the most relevant identities, Red Sift empowers your organization to enable the identities of choice in order to uncover and categorize more of your assets across the internet.

What are identities?

Identities are unique queries that use the metadata parsed from your existing inventory as search terms. Think of them as signals or snippets of interesting information that are associated with domains that can be used to discover potential assets that haven’t yet been found, or have been parked or forgotten and left unsecured.

Examples of identities can be:

  • Domain name registration identities (from WHOIS and RDAP)
  • Domain name email addresses
  • Organization names hidden in SSL certificates
  • Mail records, such as MX or SOA 
  • Mail server relationships
  • Private name servers

How does Relevance Detection work?

Brand Trust’s Relevance Detection feature leverages functionality that exists inside ASM (formerly Hardenize), Red Sift’s Attack Surface Management and Network Perimeter Protection solution. In ASM, Related Domain Discovery automatically monitors all configuration aspects of your known domain names and hosts to extract your unique identities. Once those have been found, ASM continuously monitors global databases to discover new domain names associated with those identities. 

We ingest 10 million new certificates a month and check more than 1.9bn hostnames in our own database. Our proprietary methods of real-time monitoring of publicly-issued certificates and discovery of hostnames mean that identities are created as soon as the metadata is published on the internet and that new discoveries can be found by them in real time. 

Historically, Brand Trust and ASM surfaced a set of identities that, while overlapping, were slightly different. We’ve worked on combining the technologies and now Brand Trust surfaces all discovered identities to its users. By leveraging OpenAI’s GPT-4 technology, it is then able to automatically scan each identity and generate a custom recommendation that tells you whether an identity should be enabled and why. Relevance Detection puts the power back into your hands and lets you decide which identities you want to include in your domain asset discovery process.

Relevance Detection, Brand Trust’s new AI-powered identity classification feature

In addition, the AI that powers Relevance Detection automatically translates identities that have been picked up in foreign languages, making it extremely useful for the average non-multilingual human who would otherwise not be able to understand and review them.

Once identities that appear relevant have been reviewed and enabled, Brand Trust is able to surface any undiscovered domain assets owned by your company, as well as uncover any potential lookalikes that exist in the wild. This enhanced discovery allows you to discover assets that may have been parked or even forgotten years ago and, if left vulnerable, could be an exploitable attack surface.

Relevance Detection, an invaluable feature for large, distributed organizations with complex domain name inventories

For large organizations that struggle with network monitoring, this feature is invaluable. While building a comprehensive list of domain names may be a simpler task for smaller organizations, at scale, it’s very difficult. For very large, distributed, organizations that have experienced years of mergers and acquisitions, building a good list requires a lot of effort – maintaining it even more so.

For organizations that do successfully generate and maintain comprehensive asset inventory lists, they are still difficult to evaluate given their volume and complexity. Relevance Detection removes that pain by automating the identity discovery and classification process, and providing you with recommendations for full identity enablement with just a couple of clicks. After all, the more visibility you have of your domain estate, the faster and better you are able to secure any vulnerabilities that exist.

According to a survey conducted by MIT Technology Review Insights of 700+ global leaders, over 50% said they have experienced a cybersecurity attack originating from an unknown, unmanaged, or poorly managed digital asset.

A case study: Major financial brand worth $300B tests Brand Trust’s Relevance Detection

Red Sift recently had the opportunity to present Relevance Detection to one of the world’s most valuable financial organizations.  

After adding the company’s main domain and just a couple of the brand’s logos into Brand Trust, the solution worked its magic and quickly suggested some 300 identities. Despite choosing only a small number of identities to enable, the results were astonishing. Brand Trust uncovered a number of high-risk, malicious lookalikes that the company had previously been completely unaware of. 

The first malicious lookalike domain that Brand Trust uncovered had been blocked by Google Safe Browsing and marked as a credential harvesting/social engineering page. However, despite it having been reported, it was still live on the internet and operating without the company being aware of its existence.

In this Domain Details preview, Brand Trust uncovers a malicious lookalike that has been flagged as social engineering

The second lookalike Relevance Detection detected had fraudulently used various elements of the financial firm’s branding, including logos, typefaces, and brand imagery to con users into believing it was legitimate. Upon closer investigation, we identified that the CTAs used across the website were linked to a WhatsApp number, strongly suggesting that the owner of this domain was running a scam operation. This page was also still live and had not made it onto any block lists, even after 20 days of being online. 

When presented with these findings, this financial organization commented that Relevance Detection “blew their minds” and highlighted the chronic need for a solution as sophisticated as Brand Trust, made only stronger by the power of AI. 

Curious to find out what assets or vulnerabilities your organization is waiting to uncover? Get in touch to book your free Brand Trust demo now.

PUBLISHED BY

Francesca Rünger-Field

5 Jun. 2023

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
Cybersecurity

The role of DMARC in email security 

Red Sift

We’ll admit it, we’re pretty nerdy for email security and are passionate about ensuring your organization is protected from harmful cyber attacks and bad actors. You’ll often hear us talk about Domain-based Message Authentication, Reporting and Compliance (DMARC) because…it’s kind of a big deal. Yet, as Antony Seedhouse highlighted at the recent e-Crimes &…

Read more
DMARC

Mail Check: Navigating the new changes

Jack Lilley

The National Cyber Security Centre (NCSC) recently proposed updates to its Mail Check coming into effect on 24 March 2025. As the service evolves to focus on accessibility and scalability, some of the features that UK public sector organisations relied on will no longer be available, including DMARC aggregate reporting. To help make sense…

Read more
Cybersecurity

Exploring the complexities of cyber insurance with Harpreet Mann

Sean Costigan

In the fourth episode of Resilience Rising, Sean Costigan, Managing Director of Resilience Strategy at Red Sift, delves into the intricacies of cyber insurance with Harpreet Mann, President of Amynta Trade Credit and Political Risk Solutions. Drawing on her extensive experience in insurance and risk management, Harpreet sheds light on the challenges and transformative…

Read more
DORA

Countdown to compliance: Are you ready for the DORA deadline?

Jack Lilley

The European Union’s (EU) Digital Operational Resilience Act (DORA) deadline approaches, with just one week to go before the DORA applies to all financial entities and their ICT service providers on January 17 2025. Sectors affected by the DORA include but are not limited to: Understanding and ensuring compliance with the upcoming legislation need…

Read more