Request to add CGI AntiPhish to existing monitors

82 views

Skip to first unread message

Waleed

unread,

Jul 15, 2025, 10:42:51 AMJul 15

to certificate-transparency

Dear certificate transparency group,

I hope this message finds you well.

My name is Waleed, I’m a developer at CGI Netherlands working on a solution called CGI AntiPhish. CGI AntiPhish is an automated phishing prevention service that leverages Certificate Transparency logs as a core component of its detection capabilities.

The service continuously scans public certificate data to collect newly issued domains and identifies those that are likely designed for malicious purposes. Using a modular and holistic analysis stack with the aid of machine learning and artificial intelligence, CGI AntiPhish verifies domains and delivers actionable results directly to our clients. This allows our clients to automatically block and neutralise any threats to their business before they materialise, adding a crucial layer of defence against phishing attacks.

As part of our process, we also continuously track suspicious domains to determine when they go live. When a domain is linked to an active website, our system is able to analyse not only the domain itself, but also the websites source code and visual content, helping us asses the likelihood of phishing.

We’d like to request that CGI AntiPhish be added to the Certificate Transparency monitors list, as the project fundamentally relies on the transparency and accessibility made possible by Certificate Transparency. It would simply not have been possible to create our project without the excellent work of the CT community.

Please let us know if there are any further details or verification steps required to complete this request. We’d be more than happy to provide them as requested.

Thank you for your continued support and for helping us make the internet a safer place than it is today.

Kind regards,
Waleed

Winston de Greef

unread,

Jul 15, 2025, 10:49:02 AMJul 15

to certificate-...@googlegroups.com

Hi,

Does AntiPhish verify consistency between tree heads it receives? Does AntiPhish verify that the tree head served by the log is the correct one based on the hashes of the certificates it has received? And does AntiPhish gossip about the signed tree heads it has been served?

Sincerely,

Winston de Greef

--
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transp...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/certificate-transparency/4a57cca7-bb98-48df-8cdf-926eb91fa3d8n%40googlegroups.com.

Reply all

Reply to author

Forward

0 new messages