Cybersecurity firm Red Sift today launched Relevance Detection, the first GPT-4 powered asset discovery and classification solution for its OnDOMAIN hostname and certification monitoring platform. 

Relevance Detection uses OpenAI LP’s GPT-4 large language model to automatically discover and contextualize identities associated with DNS, WHOIS info and SSL certificates. It tells the user what identities are associated with a given domain name, then generates recommendations on which to enable. 

“Relevance Detection leverages OpenAI’s GPT-4 technology to automatically scan each identity and generate a custom recommendation that tells security teams whether an identity should be enabled and why,” Chief Executive Rahul Powar said in an interview with SiliconANGLE. “This helps them decide which identities they want to include in their domain asset discovery process.”

At a high level, the announcement highlights a new use case for generative AI. Security teams can not only create an inventory of domain assets in the wild to protect but also identify phishing sites impersonating their organization’s brand. 

Using generative AI to find cyber assets

The release comes as the enterprise attack surface continues to grow, with research showing that the number of cyber assets increased from an average of 165,000 to 393,419 in 2023. Moreover, phishing attacks and social engineering scams continue to rise. 

In a threat landscape where cyber assets and cyber scams are continuing to increase, security practitioners are under pressure not just to inventory and secure vulnerable assets, but to identify malicious domains and phishing sites that present serious reputational risk. 

Monitoring the web for these assets manually would be a time-consuming process, but generative AI has the potential to automate the discovery and protection of these assets so security analysts can mitigate vulnerabilities before threat actors can exploit them. 

“Today 50% of companies have experienced a cyberattack from an unmanaged or poorly managed asset,” Powar said. “The average Fortune 500 company takes 12 or more hours to find a serious vulnerability, while bad actors focusing on a site takes less than 45 minutes. This means that discovering assets that are unknown, short-lived or impersonating is critical and discovering them quickly is equally as critical.”

So far, Powar explained, a financial institution valued at more than $300 billion has already used Relevance Detection to identify 300 digital identities and even discovered a third party site impersonating the organization. 

At this stage, it appears that generative AI does offer value with its ability not just to identify and contextualize digital identities, but to help human users better understand risk throughout their organization’s environment. 

GPT-4 in the domain discovery market

Red Sift said it has grown rapidly since it was founded in 2015, opening offices across North America, Spain and the U.K. while achieving total funding of $69.8 million following a $54 million Series B funding round in February 2022. Today, it checks more than 1.9 million hostnames as part of its own database, and ingests more than 10 million new certificates a month. 

Going forward, generative AI will act as a key point of differentiation against other email security providers such as Proofpoint Inc., which was acquired by Thoma Bravo for $12.3 billion in 2021. It incorporates its own domain lookup capabilities. 

For example, Proofpoint’s domain lookup solution, Domain Discover, scans newly registered domains to identify malicious subdomains and URLs that aim to hijack a site’s traffic or target unsuspecting users with phishing scams. 

Red Sift is aiming to use generative AI to differentiate itself from these providers by offering information technology administrators greater context over digital identities, and a new perspective they can use to mitigate enterprise risk.

Image: Red Sift