The Red Sift Blog
The role of DMARC in email security
Filter all blogs
All blogs
The role of DMARC in email security
We’ll admit it, we’re pretty nerdy for email security and are passionate about ensuring your organization is protected from harmful cyber attacks and bad actors. You’ll often hear us talk about Domain-based Message Authentication, Reporting and Compliance (DMARC) because…it’s kind of a big deal. Yet, as Antony Seedhouse highlighted at the recent e-Crimes &…
Read more
Mail Check: Navigating the new changes
The National Cyber Security Centre (NCSC) recently proposed updates to its Mail Check coming into effect on 24 March 2025. As the service evolves to focus on accessibility and scalability, some of the features that UK public sector organisations relied on will no longer be available, including DMARC aggregate reporting. To help make sense…
Read more
Exploring the complexities of cyber insurance with Harpreet Mann
In the fourth episode of Resilience Rising, Sean Costigan, Managing Director of Resilience Strategy at Red Sift, delves into the intricacies of cyber insurance with Harpreet Mann, President of Amynta Trade Credit and Political Risk Solutions. Drawing on her extensive experience in insurance and risk management, Harpreet sheds light on the challenges and transformative…
Read more
Countdown to compliance: Are you ready for the DORA deadline?
The European Union’s (EU) Digital Operational Resilience Act (DORA) deadline approaches, with just one week to go before the DORA applies to all financial entities and their ICT service providers on January 17 2025. Sectors affected by the DORA include but are not limited to: Understanding and ensuring compliance with the upcoming legislation need…
Read more
Predictions for 2025: Cybersecurity and the increasing rise of AI
2025 is set to be the year where cybersecurity and AI will be defined by the deepening interplay between technology and governance, the integration of AI into everyday business functions, and the reimagining of cybersecurity as a business enabler. Organizations that embrace these trends will gain not only a technological edge but also a…
Read more
Winter wins: Red Sift OnDMARC wraps up 2024 as a G2 DMARC…
The season of giving has brought us another reason to celebrate! Red Sift OnDMARC continues its winning streak in G2’s Winter 2025 report, earning Leader status in the DMARC category for another consecutive season. This recognition reflects our strong market presence and the unwavering satisfaction of our customers. Cheers to wrapping up 2024 on…
Read more
Text classification in the age of LLMs
As natural language processing (NLP) advances, text classification remains a foundational task with applications in spam detection, sentiment analysis, topic categorization, and more. Traditionally, this task depended on rule-based systems and classical machine learning algorithms. However, the emergence of deep learning, transformer architectures, and Large Language Models (LLMs) has transformed text classification, allowing for…
Read more
How to drive cybersecurity as a top business priority
Everyone has a role to play in protecting the enterprise. Whether you’re shaping strategy or implementing solutions, aligning efforts to mitigate critical risks ensures a stronger, more resilient enterprise. If you missed Red Sift’s recent webinar on “From Data to Buy-In: Driving Cybersecurity as a Top Business Priority” we’ve got you covered. The session…
Read more
BreakSPF: How to mitigate the attack
BreakSPF is a newly identified attack framework that exploits misconfigurations in the Sender Policy Framework (SPF) a widely used email authentication protocol. A common misconfiguration involves overly permissive IP ranges, where SPF records allow large blocks of IP addresses to send emails on behalf of a domain. These ranges often include shared infrastructures like…
Read more
Never miss an expiring certificate again with Red Sift Certificates Lite
SSL/TLS certificates are the backbone of secure, uninterrupted digital experiences—but managing them effectively to prevent downtime remains a persistent challenge. With browser and certificate authorities looking to reduce certificate durations to as little as 90 or even 47 days, keeping track of renewals has never been more critical. That’s why we’re excited to introduce…
Read more
Navigating G-Cloud 14 for DMARC solutions: A guide for former NCSC Mail…
With the NCSC discontinuing key features of its Mail Check service, including DMARC aggregate and TLS reporting, after March 2025, UK public sector organisations must prepare for this change by transitioning to alternative email security solutions. To support this shift, Red Sift is offering an extended free trial of its DMARC application, OnDMARC, providing…
Read more
Mail Check is changing: What UK public sector organisations must know about…
The National Cyber Security Centre (NCSC) has suggested a change to Mail Check services starting on 24 March 2025. This change mainly involves ending DMARC aggregate reporting. This change comes as a measure to expand the services provided by Mail Check to any UK based organisation, while also limiting the cost and complexity of…
Read more
Beyond DMARC: How Red Sift OnDMARC supports comprehensive DNS hygiene
Registrable domains and DNS play a crucial role in establishing online identity and trust, but their importance is often taken for granted. During new service setups, record updates are often overlooked, accumulating outdated entries. As infrastructure teams become increasingly overstretched, services may be incorrectly shut down without proper cleanup, leaving behind a sprawl of…
Read more
First look at DKIM2: The next generation of DKIM
In 2011, the original DomainKeys Identified Mail (DKIM1) standard was published. It outlined a method allowing a domain to sign emails, enabling recipients to verify that the email originated from an entity holding a private key that matches the public key published in the domain’s DNS records. Now in 2024, DKIM is ready for…
Read more
Securing our world: For a safer internet
October is Cybersecurity Awareness Month, a time for industries to unite in promoting digital security within today’s complex landscape. Bad actors are leveraging increasingly sophisticated methods—such as email phishing and Business Email Compromise (BEC)—to exploit vulnerabilities, impersonate legitimate contacts, and access sensitive information. CISA Director Jen Easterly advises us to “always think before you…
Read more
Boosting email security amid recent Coinbase phishing attempts
In recent weeks, there have been reports of sophisticated phishing attacks disguised as official communication from the cryptocurrency platform, Coinbase. These phishing emails closely mimic Coinbase’s branding and language to build recipient trust and prompt clicks on malicious links. The subject lines of these emails generally follow a format: the sender’s address starts with…
Read more
Red Sift’s Fall 2024 Quarterly Product Release
Building on the momentum of our Summer Release, we’ve taken another big step forward in AI-driven security with our Fall 2024 updates. Over the last few months, we’ve been focused on developing our skilled up large language model (LLM), Red Sift Radar – now fully integrated with OnDMARC – making it the first LLM…
Read more
Strengthening U.S. political campaigns against cyber threats: The urgent need for DMARC…
Securing political campaigns from cyber threats has never been more urgent. It is critical to secure communications that handle sensitive exchanges with voters, contributors, donations and coordinate complex operations. Campaigns make exceptionally rich targets for cyber espionage and exploitation, with our open-source research, demonstrating nearly 75% of US Senate campaign websites having not achieved…
Read more
Apple & Chrome propose reduced certificate lifetime
The lifetime of SSL/ TLS certificates continues to grow shorter. Chrome initially proposed reducing certificate lifespans to 90 days to enhance security and mitigate risks associated with compromised certificates. Apple took this initiative further, proposing a draft ballot to shorten the maximum validity period for public SSL/TLS certificates to just 47 days by 2028.…
Read more
Skill up your security: How defenders can harness AI
How can defenders identify and resolve security issues faster with Red Sift Radar, and what does it have to do with the movie Tenet? That was the key theme of this year’s 16th e-Crimes & Cybersecurity Mid-Year Summit education session, featuring Billy McDiarmid. If you missed the event, don’t worry—we’ve got you covered with…
Read more