This Fall marks a major expansion of Red Sift Brand Trust with the launch of Social Media Monitoring, a new add-on that helps organizations detect and respond to fraudulent company and executive profiles across platforms such as Facebook, Instagram, LinkedIn, TikTok, and X. By extending protection beyond domains, Brand Trust now gives security teams the visibility they need to safeguard both brand identity and executive reputation in the spaces where attackers are increasingly active.
In addition to this milestone release, we’ve also delivered several enhancements across our wider portfolio, including:
- OnDMARC: Improved pass/fail graph visibility plus new and improved billing for Stripe users.
- Certificates Lite: Daily HTTPS scans and new UI access to deployment data for real visibility into live certificates.
- ASM: Automated issue management that prioritizes critical misconfigurations and closes issues once resolved, reducing manual effort.
Brand Trust: Social Media Monitoring for company and executive impersonation
Impersonation threats aren’t limited to domains. Increasingly, businesses are seeing fraudulent profiles on social platforms that misuse branding or executive identities to deceive customers and partners. These impersonations spread quickly and can be difficult to contain without the right visibility.
That’s why we’re introducing Social Media Monitoring to Red Sift Brand Trust. It extends protection beyond domains by detecting both company profile and executive impersonation across major social platforms, including Facebook, Instagram, X, TikTok, YouTube and LinkedIn.
Protecting both your brand and your executives
Fraudulent company profiles can misdirect customers to phishing sites, scams, or malware. With Social Media Monitoring, Brand Trust continuously scans for these impersonations and flags suspicious accounts for review.
Impostor accounts targeting executives pose a different but equally damaging risk: they can be used to spread misinformation, deliver malicious links, or erode trust in leadership. Social Media Monitoring detects these profiles through logo, face, and keyword recognition, giving security teams the details they need to act before harm escalates.
How it works
Social Media Monitoring lives in its own tab within Brand Trust, built with the same familiar design as the Domain Activity table. This consistency means teams can extend their monitoring to social platforms without extra training or complexity.
Behind the scenes, Brand Trust scans millions of social media profiles and surfaces only those worth investigating. Each flagged profile comes with evidence-rich context — platform details, screenshots, logo/face/keyword detections, follower counts, and status — giving teams the clarity they need to assess and prioritize risk.
From there, the Social Media Activity page makes it easy to:
- Review impersonation attempts in one place
- Search and filter across platforms
- Classify results, mark false positives, or initiate takedowns
- Track a historical record of removed or resolved profiles
Want to see Social Media Monitoring in action? Check out the interactive demo below:
Why it matters
Social platforms have become a powerful vector for impersonation, yet many organizations lack visibility here. By extending Brand Trust to cover social media, security teams gain the context needed to spot and shut down these risks before they spread
This means teams can:
- Prevent customers from engaging with fraudulent accounts
- Protect executives from targeted impersonation campaigns
- Safeguard reputation by addressing misuse of branding swiftly
Extend your brand protection across every channel
Attackers don’t limit themselves to one channel, and now, neither does Brand Trust. By extending coverage to social platforms, you gain the visibility needed to act quickly and keep impersonations from damaging your brand and executives.
To see Social Media Monitoring in action, sign up for our webinar, Defending against multi-channel brand impersonation, on November 13, 11:00 EST.
Existing customers can contact their CSM to discuss Social Media Monitoring. New to Red Sift? Connect with our team to see how Brand Trust can protect your brand across domains and social platforms.
OnDMARC
Compliance Graph improvements
We’ve reworked the DMARC Reports compliance graph, including several quality of life enhancements. In particular, we have improved the way pass/fail data is presented in the graph, having passes display upwards and fails downwards, improving the visibility of both for small values.
This means you no longer need to adjust ratios or views to understand where authentication issues are occurring.
New Billing Portal
Self-serve and other customers who pay by Stripe have been migrated to our new billing portal. Key billing functionalities, such as filling in or updating payment information or downloading invoices, are now using out-of-the-box Stripe for the best possible experience.
For the time being, other customers will continue to be served by their account managers directly.
Certificates
HTTPS scanning (port 443) in Certificates Lite
Certificates Lite now includes daily HTTPS (port 443) scans to identify which certificates are actively deployed on customer endpoints. This closes a key gap in the previous passive model, which relied only on issuance data and expiry checks.
Lite customers also gain limited UI access to deployment data through the All Endpoints page, giving them visibility into live certificates without the full advanced functionality of higher tiers.
Expiry notification settings based on Certificate Active status
To make the HTTPS scanning release even more useful in practice, we’ve updated our expiry notification settings to align with the new Active certificate insights. Previously, expiry notifications were sent for all certificates. Following customer feedback, Lite users can now choose to receive notifications only for Active certificates, i.e. those confirmed as installed and in use on endpoints.
This refinement helps organizations with large certificate inventories focus on what matters most, avoiding unnecessary alerts for certificates that aren’t currently deployed.
To read more about HTTPS scanning and smarter expiry alerts, check out the dedicated blog.
API endpoints available for Lite
Certificates Lite customers can now use the Host and Certificates APIs, enabling basic automation and integration use cases. This enhancement allows Lite users to programmatically access key functionalities without relying solely on the UI.
For example, users can now add hosts via API to streamline onboarding or fetch the list of certificates in their account to integrate certificate data into internal dashboards or monitoring systems.
These endpoints provide greater flexibility for teams managing larger environments or automating parts of their certificate lifecycle workflows. Learn more.
Mutual TLS detection
Certificates Enterprise customers now gain visibility into which endpoints have Mutual TLS (mTLS) enabled. This enhancement helps teams identify configuration issues and prepare for the phasing out of clientAuth key usage by certificate authorities.
Quick Views and Custom Views
Available for both Free and Enterprise tiers, this update lets users create and access customized or prebuilt views to streamline investigations.
- Quick Views are system-defined presets—such as Expiring Certificates, Active Certificates, or Wildcard Certificates—that provide instant access to common certificate groupings.
- Custom Views allow users to define their own filters and column selections, then save them with a custom title and description for future use.
Together, these options make it easier to quickly switch between different perspectives and focus on the certificates most relevant to each task.
ASM
Automated issue management in ASM
ASM now automatically creates issue tickets for security misconfigurations, removing the need for customers to export reports or build manual workflows. Issues are accessible directly in the UI or can be integrated into existing workflows through webhooks or GCP Pub/Sub, making alerts more actionable.
The app performs over 400 security checks, with issues generated only for warnings and criticals. Each issue contains details on the problem, its location, and remediation steps, and closes automatically once resolved. Customers can snooze or ignore issues as needed, ensuring the focus stays on active risks.
To reduce noise, issues can be filtered based on customer security policies and compliance requirements, with broader self-service policy controls planned for the future. This update means customers spend less time managing findings and more time addressing what matters.
TLS and PKI category issues are also exposed in the Certificates product with the new Issues page.
To explore the applications highlighted in this release, visit redsift.com and discover how Red Sift is helping security teams strengthen their security posture.
