Certificates are discovered through 4 main methods.
Domain Scanning
Through the domains that have been added to your account, the identities feature and some cross-referencing of records; Red Sift Certificates generates a list of relevant domains and subdomains, then queries these to find certificates that are hosted on them.
IP Scanning
Through IP addresses added to your account manually or discovered via A records; Red Sift Certificates scans these IPs for certificates and also uses them to find additional relevant hostnames.
Integrations
Through manually configured connections to external platforms; Red Sift Certificates can find hostnames, IPs and certificates from a number of existing platforms. (Such as AWS, Azure or Digicert).
CT Logs
Certificate Transparency, or CT, Logs are a lengthy ledger of all registered certificates, published and updates constantly by Google, Cloudflare, Digicert and other large web hosts. Red Sift Certificates cross references the previously mentioned hostnames and IPs against this ever-growing list of ~7 Billion registrations to find certificates relevant to your assets.