Where does Red Sift Certificates get certificate data?

Created by Yves Lacombe, Modified on Mon, 26 May at 11:52 AM by Yves Lacombe

Certificates are discovered through 4 main methods.

Domain Scanning

Through the domains that have been added to your account, the identities feature and some cross-referencing of records; Red Sift Certificates generates a list of relevant domains and subdomains, then queries these to find certificates that are hosted on them.

IP Scanning

Through IP addresses added to your account manually or discovered via A records; Red Sift Certificates scans these IPs for certificates and also uses them to find additional relevant hostnames.


Integrations

Through manually configured connections to external platforms; Red Sift Certificates can find hostnames, IPs and certificates from a number of existing platforms. (Such as AWS, Azure or Digicert).

CT Logs

Certificate Transparency, or CT, Logs are a lengthy ledger of all registered certificates, published and updates constantly by Google, Cloudflare, Digicert and other large web hosts. Red Sift Certificates cross references the previously mentioned hostnames and IPs against this ever-growing list of ~7 Billion registrations to find certificates relevant to your assets.