Red Sift: The new operating model for cyber resilience

Today marks a new milestone for Red Sift as we launch our suite of four interoperable applications built on the new Red Sift Pulse platform, which combines cybersecurity intelligence, innovative generative AI and integration with existing security tools to put security teams on the path to cyber resilience.

Our collateral on the new applications and Pulse platform provides valuable technical detail on the use cases Red Sift addresses. What I want to do here is put it in the context of the overarching challenge we uniquely solve and the innovation behind it.

The idea of cyber resilience is not new. It’s something that our friends at NIST, the NCSC and others have advocated for some time. NIST defines it as “The ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.” While the concept is not new, it remains somewhat of a holy grail for most organizations.

I find it more practical to talk about how to shift an organization’s security posture from reactive to proactive, i.e. from responding to incidents to preventing intrusions that disrupt businesses. Achieving this requires a new operating model that is continuous, automatic and proactive. Red Sift delivers this capability through a suite of four interoperable applications that defend against brand abuse, exact email impersonation, and vulnerable internet-facing cloud assets and certificates.

Let’s dig into how these applications, combined with Pulse, enable the new operating model described above.

Continuous. This is about seeing your defenses and emerging risks in real time. This requires a strategic platform with applications that interoperate not only with each other through a shared data and asset inventory but also with the wider ecosystem of solutions our customers use. We do this through REST APIs so that we can ingest terabytes of cybersecurity intelligence to give organizations complete visibility of all of their assets and potential risks. Customers can also push Red Sift application data to leading XDR platforms to integrate with existing workflows.

Automatic. It is well known that organizations have long suffered from significant understaffing challenges. This requires a solution that enables them to drive operational efficiencies at scale across their teams. We have used advanced machine learning in Red Sift solutions from our inception and bring this innovation history to bear in two ways. The first is to use generative AI to solve complex, multi-step problems for our customers in a reliable, explainable and integrated manner across the suite. This approach to generative AI coupled with the fact that it works now is extremely unique. We also use natural language understanding to allow security teams to navigate large and complex data sets and allow them to create alerts against them. We do this through a hosted version of GPT that gives teams the data they want and allows them to use natural language to instruct the platform to make an alert for future notifications. This is not hypothetical as it is with other solutions in the market. It’s available today.

Proactive. When we talk about proactive security, it means remediating risk before an active threat emerges. A perfect example of how we do this is through Brand Trust, our solution for brand impersonation monitoring and protection. Through Brand Trust we’re helping organizations answer key questions such as, what lookalike domains and subdomains exist for my company and our subsidiaries? And once you know that, how do you easily take action on those discoveries? Brand Trust provides continuous intelligence on every lookalike domain through industry-leading name-matching algorithms, GPT-powered subsidiary identification and a powerful logo-matching engine. It surfaces relevant information based on WHOIS data, DNS signals, live spam data and more to drive informed decisions. And it makes it easy to create packages to report malicious sites to Google Safe Browsing and our integrated take-down partners.

I’m extremely proud of the team’s hard work in bringing this new application suite to market. The bottom-line value to our customers rests on integration and leverage. We know that if security teams are going to deal with their regulatory burden and operational overhead both now and in the future, they need solutions that integrate with their workflow and the tools already in place to give them more leverage.

As an innovative partner to these organizations, we’re automating and integrating these complex and tedious workflows in a manner that helps organizations have a more proactive stance on security. With this launch, we’re setting up that future with the solution that makes that a reality – today!

To learn more and request a demo, please reach out to me or sign up to talk to one of our experts.


Rahul Powar

2 Nov. 2023


