The Red Sift Blog
Filter all blogs
All blogs
Microsoft announces new email requirements for bulk senders
Microsoft has officially announced new authentication requirements for bulk email senders—referred to as ‘high volume senders’ in their documentation—aligning with the policies rolled out in 2024 by Google and Yahoo. These changes aim to improve email security and deliverability for Outlook.com users, covering domains like outlook.com, hotmail.com, and live.com. The update marks a significant…
Read moreFrom concept to market leader: Reflecting on the development of Red Sift…
Following Red Sift OnDMARC being featured in 18 reports in G2’s Spring 2025 Report, CEO Rahul Powar shares his thoughts on the innovation behind the product—and what’s driving its continued momentum in the fight against phishing and Business Email Compromise (BEC). When I founded Red Sift, my goal was to make proactive cybersecurity accessible…
Read moreKeep your Microsoft Online Email Routing Address secure with Red Sift OnDMARC
Every Microsoft 365 tenant includes a default domain in the format tenantname.onmicrosoft.com. This is known as the Microsoft Online Email Routing Address (MOERA). What many don’t realize is that attackers have started using these domains to impersonate organizations in phishing attacks. If left unmonitored, MOERA domains can become a blind spot in your email…
Read more
Red Sift OnDMARC ranked #1 in EMEA and Europe for DMARC in…
G2’s Spring 2025 Report is here, and we’ve got some exciting news to share! Red Sift OnDMARC has been named the #1-rated DMARC solution in both EMEA and Europe, and that’s just the start. We also took the #1 spot in the Mid-Market Results Index and Mid-Market Usability Index, and were featured in 18…
Read more
The Mail Check deadline has passed: Is your organisation at risk?
The National Cyber Security Centre (NCSC) proposed changes to Mail Check services came into effect on 24 March 2025, including the ending of DMARC aggregate reporting. Organisations who are yet to comply must now seek an alternative provider or risk exposure to harmful cybersecurity incidents. This change comes as a measure to expand the…
Read more
Red Sift named a Top 50 company in 2025 Emerging Stars Awards
We’re pleased to share that Red Sift has been named Best Performing Company – Security & Infrastructure in the 2025 Emerging Stars Awards. These awards, part of the Megabuyte100 series, recognise the UK’s 50 best-performing scale-up technology companies based on solid financial performance, from over 800 entries. Being recognised in this category reflects the…
Read moreMailgun and Red Sift partner to boost email programs with stronger authentication
Senders know that email is a critical channel for driving customer engagement and establishing trust, yet deliverability and security issues can disrupt email programs. Mailgun, a leader in cloud-based email delivery, is providing free DMARC reporting for all Mailgun senders courtesy of Red Sift OnDMARC. This integration brings senders complete visibility into authentication results…
Read moreOver 60% of healthcare organizations remain unprotected against data breaches
Introduction Red Sift’s analysis of healthcare organizations that reported large breaches to the Department of Health & Human Services (HHS) in 2023-2024 uncovered a troubling trend: post-breach, 61% remain unprotected against phishing and domain spoofing due to weak or nonexistent DMARC policies. DMARC (Domain-based Message Authentication, Reporting & Conformance) is a widely recognized security…
Read moreRed Sift wins 2025 Cybersecurity Excellence Award for OnDMARC
Executive Summary: Red Sift OnDMARC has been recognized with the 2025 Cybersecurity Excellence Award for its advanced email security solutions. By leveraging AI-powered tools like Red Sift Radar for security issues and Dynamic DNS Guardian for real-time monitoring, OnDMARC provides businesses with robust protection against phishing, spoofing, and business email compromise (BEC). Key takeaways:…
Read moreRed Sift’s Winter ‘24/’25 Quarterly Product Release
This quarter, we’re making security faster, smarter, and more proactive with updates that improve threat detection, reduce manual work, and prevent threats before they escalate. Highlights include: Brand Trust Executive Impersonation: Detect unauthorized use of leadership identities By uploading and managing executive images in Brand Trust, security teams can detect and monitor unauthorized use…
Read moreEnhanced logo detection with AI: A hybrid approach
Executive Summary: Accurate logo detection is essential for protecting brands against misuse and fraudulent activities. Red Sift’s hybrid AI approach enhances detection precision, effectively balancing the reduction of false positives with the identification of genuine threats. This article: Introduction Logo detection is crucial for brand protection, helping identify logo misuse in lookalike domains and fraudulent…
Read morePrepare for the Mail Check deadline
Executive Summary: The NCSC is updating its Mail Check services, discontinuing features like DMARC aggregate reporting to enhance accessibility and manage costs. Public sector organisations relying on these services should explore alternative DMARC reporting solutions to maintain email security. This article: Introduction The National Cyber Security Centre (NCSC) is modifying Mail Check services to discontinue…
Read morePost-quantum cryptography for Internet and WebPKI: Where are we now and how…
Executive Summary: Advancements in quantum computing threaten existing cryptographic protections. While CRQCs aren’t expected imminently, organizations must proactively transition to quantum-safe cryptography to secure future communications. This article: Introduction Recent advancements in quantum computing pose a substantial threat to the cryptographic algorithms that secure internet communications, particularly public key cryptography. As quantum computers evolve, they…
Read moreCollaborative cybersecurity: The building blocks to a safer internet
Ciaran Martin, former CEO of the UK National Cyber Security Centre, and Rahul Powar, CEO of Red Sift Executive Summary: As technology advances, so do associated risks. A conversation between industry leaders emphasizes that collaborative cybersecurity efforts are crucial to building a safer and more resilient internet. This article: Introduction The internet’s foundational promise is…
Read moreSecuring crypto with Andrei Terentiev
Executive Summary: In an insightful discussion, Bitcoin.com’s CTO, Andrei Terentiev, delves into the challenges at the intersection of cryptocurrency and cybersecurity, offering strategies to protect digital assets in an ever-evolving landscape. This article: Introduction In a new episode of Resilience Rising, host Sean Costigan speaks to Andrei Terentiev, Chief Technology Officer (CTO) of Bitcoin.com. The…
Read more2.3 million organizations embrace DMARC compliance
Executive Summary: Over the past year, 2.3 million organizations have adopted DMARC, enhancing email security globally. This progress reflects a positive trend toward securing email ecosystems, with certain countries leading the charge. This article: Introduction It has been one year since Google and Yahoo implemented stricter requirements for bulk email senders. Eleven months ago, Red…
Read moreVMC and CMC updates: 5 key takeaways
Executive Summary: Staying updated on VMCs and CMCs is crucial for organizations aiming to authenticate their logos and enhance brand trust in email communications. This article outlines five key changes in the latest security requirements. This article: Introduction Verified Mark Certificates (VMCs) and Common Mark Certificates (CMCs) continue to evolve, and staying up to date…
Read moreLet’s Encrypt & Red Sift webinar recap: A new era for certificate…
Every day, businesses rely on TLS certificates to keep their digital operations secure. But when those certificates expire unexpectedly, the consequences can be severe—websites go down, critical services break, and customer trust is lost. Even as automation has made certificate issuance and renewal easier, it hasn’t eliminated the problem. Organizations still find themselves blindsided…
Read moreMoving cybersecurity upstream to achieve resilience
Executive Summary: Integrating cybersecurity measures from the outset of software development is essential. Experts agree that this proactive approach enhances organizational resilience against cyber threats. This article: Introduction The traditional approach to cybersecurity—often tacked on as an afterthought—needs a serious overhaul. This was the consensus in the recent MN-ISSA sponsored fireside chat titled “Moving Cybersecurity…
Read moreSix-day certificates: Here’s what you need to know
In January 2025, Let’s Encrypt announced a major step forward in enhancing web security: the introduction of six-day certificates, also known as “short-lived” certificates. This initiative aligns with Let’s Encrypt’s commitment to strengthening the Public Key Infrastructure (PKI) ecosystem and is set to roll out for general availability by the end of 2025. Why…
Read moreRed Sift becomes the recommended certificate monitoring service of Let’s Encrypt
We’re thrilled to announce that Red Sift Certificates Lite has become the official recommended certificate expiration monitoring service of Let’s Encrypt, the world’s most widely used Certificate Authority. Red Sift Certificates Lite is a free service that allows users to track up to 250 certificates with email notifications 7 days ahead of expiry. It…
Read more