Red Sift Brand Trust launches first GPT-4 powered feature, Relevance Detection

Relevance Detection is an AI-powered feature that automatically classifies the significance of identities found across sources such as DNS, WHOIS info, SSL certificates, and many others. By automatically pinpointing and highlighting the most relevant identities, Red Sift empowers your organization to enable the identities of choice in order to uncover and categorize more of your assets across the internet.

What are identities?

Identities are unique queries that use the metadata parsed from your existing inventory as search terms. Think of them as signals or snippets of interesting information that are associated with domains that can be used to discover potential assets that haven’t yet been found, or have been parked or forgotten and left unsecured.

Examples of identities can be:

  • Domain name registration identities (from WHOIS and RDAP)
  • Domain name email addresses
  • Organization names hidden in SSL certificates
  • Mail records, such as MX or SOA 
  • Mail server relationships
  • Private name servers

How does Relevance Detection work?

Brand Trust’s Relevance Detection feature leverages functionality that exists inside ASM (formerly Hardenize), Red Sift’s Attack Surface Management and Network Perimeter Protection solution. In ASM, Related Domain Discovery automatically monitors all configuration aspects of your known domain names and hosts to extract your unique identities. Once those have been found, ASM continuously monitors global databases to discover new domain names associated with those identities. 

We ingest 10 million new certificates a month and check more than 1.9bn hostnames in our own database. Our proprietary methods of real-time monitoring of publicly-issued certificates and discovery of hostnames mean that identities are created as soon as the metadata is published on the internet and that new discoveries can be found by them in real time. 

Historically, Brand Trust and ASM surfaced a set of identities that, while overlapping, were slightly different. We’ve worked on combining the technologies and now Brand Trust surfaces all discovered identities to its users. By leveraging OpenAI’s GPT-4 technology, it is then able to automatically scan each identity and generate a custom recommendation that tells you whether an identity should be enabled and why. Relevance Detection puts the power back into your hands and lets you decide which identities you want to include in your domain asset discovery process.

Relevance Detection, Brand Trust’s new AI-powered identity classification feature

In addition, the AI that powers Relevance Detection automatically translates identities that have been picked up in foreign languages, making it extremely useful for the average non-multilingual human who would otherwise not be able to understand and review them.

Once identities that appear relevant have been reviewed and enabled, Brand Trust is able to surface any undiscovered domain assets owned by your company, as well as uncover any potential lookalikes that exist in the wild. This enhanced discovery allows you to discover assets that may have been parked or even forgotten years ago and, if left vulnerable, could be an exploitable attack surface.

Relevance Detection, an invaluable feature for large, distributed organizations with complex domain name inventories

For large organizations that struggle with network monitoring, this feature is invaluable. While building a comprehensive list of domain names may be a simpler task for smaller organizations, at scale, it’s very difficult. For very large, distributed, organizations that have experienced years of mergers and acquisitions, building a good list requires a lot of effort – maintaining it even more so.

For organizations that do successfully generate and maintain comprehensive asset inventory lists, they are still difficult to evaluate given their volume and complexity. Relevance Detection removes that pain by automating the identity discovery and classification process, and providing you with recommendations for full identity enablement with just a couple of clicks. After all, the more visibility you have of your domain estate, the faster and better you are able to secure any vulnerabilities that exist.

According to a survey conducted by MIT Technology Review Insights of 700+ global leaders, over 50% said they have experienced a cybersecurity attack originating from an unknown, unmanaged, or poorly managed digital asset.

A case study: Major financial brand worth $300B tests Brand Trust’s Relevance Detection

Red Sift recently had the opportunity to present Relevance Detection to one of the world’s most valuable financial organizations.  

After adding the company’s main domain and just a couple of the brand’s logos into Brand Trust, the solution worked its magic and quickly suggested some 300 identities. Despite choosing only a small number of identities to enable, the results were astonishing. Brand Trust uncovered a number of high-risk, malicious lookalikes that the company had previously been completely unaware of. 

The first malicious lookalike domain that Brand Trust uncovered had been blocked by Google Safe Browsing and marked as a credential harvesting/social engineering page. However, despite it having been reported, it was still live on the internet and operating without the company being aware of its existence.

In this Domain Details preview, Brand Trust uncovers a malicious lookalike that has been flagged as social engineering

The second lookalike Relevance Detection detected had fraudulently used various elements of the financial firm’s branding, including logos, typefaces, and brand imagery to con users into believing it was legitimate. Upon closer investigation, we identified that the CTAs used across the website were linked to a WhatsApp number, strongly suggesting that the owner of this domain was running a scam operation. This page was also still live and had not made it onto any block lists, even after 20 days of being online. 

When presented with these findings, this financial organization commented that Relevance Detection “blew their minds” and highlighted the chronic need for a solution as sophisticated as Brand Trust, made only stronger by the power of AI. 

Curious to find out what assets or vulnerabilities your organization is waiting to uncover? Get in touch to book your free Brand Trust demo now.

PUBLISHED BY

Francesca Rünger-Field

5 Jun. 2023

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
Email

Cloudflare selects Red Sift as a preferred partner to provide DMARC and…

Rebecca Warren

AI-generated email attacks are rapidly growing in scale and sophistication, demanding stronger defenses from at-risk organizations. Starting today, Red Sift is excited to announce a new strategic partnership with Cloudflare, the leading connectivity cloud company, to deliver its market-leading email security application, Red Sift OnDMARC, to a broader global audience.  Today’s alignment enhances Cloudflare’s…

Read more
Cybersecurity

New Zealand moves to mandate DMARC enforcement

Jack Lilley

Executive summary: New Zealand’s Secure Government Email Framework mandates DMARC at p=reject—plus hard-fail SPF, universal DKIM, enforced MTA-STS, and TLS-RPT—by October 2025. The rules replace SEEMail, curb soaring phishing losses, and will affect every organization that emails the public sector. Key takeaways: The New Zealand Government has recently published the Secure Government Email (SGE) Common…

Read more
BEC

DMARC: The best ROI for your organization

Jack Lilley

Executive summary: Implementing DMARC delivers one of the clearest, fastest returns on investment in email security. By authenticating outgoing mail and blocking spoofed messages, DMARC cuts the direct costs of phishing and Business Email Compromise, safeguards brand reputation, and boosts deliverability—ultimately driving revenue and trimming operational workload. Key takeaways: Email is a critical communication tool for…

Read more
DMARC

400,000 DMARC boost after Microsoft’s high-volume sender update

Jack Lilley

Microsoft’s decision to join Google and Yahoo in enforcing stricter rules for high-volume senders has triggered an immediate response across the internet. In the last 30 days alone, 406,042 new domains have deployed Domain‑based Message Authentication, Reporting & Conformance (DMARC), pushing the global total to 10.9 million. While not all domains will be exclusive Outlook users,…

Read more