The Red Sift Blog
Filter all blogs
All blogs
Preventing certificate related violations in cybersecurity frameworks: A guide to certificate monitoring…
TLS is one of the most widely adopted security protocols in the world allowing for unprecedented levels of commerce across the internet. At the core of the TLS protocol is TLS certificates. Organizations must deploy TLS certificates and corresponding private keys to their systems to provide them with unique identities that can be reliably…
Read moreRed Sift ASM & Red Sift Certificates: the missing link in your…
According to Gartner, Attack Surface Management (ASM) refers to the “processes, technology and managed services deployed to discover internet-facing enterprise assets and systems and associated exposures which include misconfigured public cloud services and servers.” This broad category of tooling is used within Continuous Threat Exposure Management (CTEM) programs, with many vendors within it having…
Read moreThe best tools to protect yourself from SubdoMailing
In late February 2024, ‘SubdoMailing’ became a trending search term overnight. Research by Guardio Labs uncovered a massive-scale phishing campaign that had been going on since at least 2022. At the time of reporting, the campaign had sent 5 million emails a day from more than 8,000 compromised domains and 13,000 subdomains with several…
Read moreRed Sift’s Spring 2024 Quarterly Product Release
This early into 2024, the cybersecurity space is already buzzing with activity. Emerging standards, such as Google and Yahoo’s bulk sender requirements, mark a new era of compliance for businesses reliant on email communication. At the same time, the prevalence of sophisticated cyber threats, such as the SubdoMailing campaign, emphasizes the continual hurdles posed…
Read moreNavigating the “SubdoMailing” attack: How Red Sift proactively identified and remediated a…
In the world of cybersecurity, a new threat has emerged. Known as “SubdoMailing,” this new attack cunningly bypasses some of the safeguards that DMARC sets up to protect email integrity. In this blog we will focus on how the strategic investments we have made at Red Sift allowed us to discover and protect against…
Read moreWhere are we now? One month of Google and Yahoo’s new requirements…
As of March 1, 2024, we are one month into Google and Yahoo’s new requirements for bulk senders. Before these requirements went live, we used Red Sift’s BIMI Radar to understand global readiness, and the picture wasn’t pretty. At the end of January 2024, one-third of global enterprises were bound to fail the new…
Read moreYour guide to the SubdoMailing campaign
A significant number of well-known organizations have been attacked as part of what’s being called the SubdoMailing (Subdo) campaign that has been going on since at least 2022, research by Guardio Labs has revealed. The scale of execution of this attack is staggering, and the impact is hugely damaging, but the goal is simple…
Read moreA confident deployment guide for TLS and PKI
Our journey to better network transport security has been quite the ride, filled with ups and downs. Back in the ’90s, when SSL and the Netscape browser were just taking off, things were pretty hard. We were dealing with weak encryption, export restrictions on cryptography, and computers that couldn’t keep up. But over the…
Read moreRed Sift OnDMARC: The best Agari alternative for DMARC
Looking for an alternative to Agari DMARC Protection that helps you safely and efficiently stop unauthorized use of your email-sending domains? You’re in the right place. Here is your definitive comparison guide for Agari and Red Sift OnDMARC – one of the most popular Agari alternatives on the market. Red Sift OnDMARC overview Red…
Read moreRed Sift OnDMARC: The best Valimail alternative for DMARC
Looking for an alternative to Valimail that helps you safely and efficiently stop unauthorized use of your email-sending domains? You’re in the right place. Here is your definitive comparison guide for Valimail and Red Sift OnDMARC – one of the most popular Valimail alternatives on the market. Red Sift OnDMARC overview Red Sift OnDMARC…
Read moreAnnouncing the beta for Red Sift Radar: An LLM Assistant for Security…
We are delighted to announce the beta for Red Sift Radar – our new LLM assistant for security teams. With Red Sift Radar, teams will be able to use an LLM to automate manual checks, drive security consistency, and build bridges with less technical teams. To bring this to life, we have taken base…
Read moreNavigating Corporate Risk and Cybersecurity: A Discussion with Annie Searle
By Sean Costigan, PhD In a recent exploration of the intricate world of corporate risk management and cybersecurity, I enjoyed the privilege of engaging in a compelling conversation with Annie Searle, a distinguished expert in the field of operational risk management. Searle’s extensive experience in the financial, IT, and emergency services sectors illuminates the…
Read moreResilience Rising | Episode 1 with Annie Searle
In this episode of Resilience Rising listeners are invited to explore the complex world of cybersecurity and corporate risk with special guest Annie Searle. Annie will use her experience in operational risk management across the financial, IT and emergency services sectors to help risk and security leaders unpack their strategic challenges. The discussion delves…
Read moreFebruary 1, 2024: A new era of email authentication begins
From today, Google and Yahoo are rolling out new requirements for bulk senders, ushering in a new era of email compliance. If you’re just learning about this now, here’s a quick summary: Google and Yahoo now require bulk senders – those who send more than or around 5,000 emails daily – to meet a…
Read moreWhy successful email marketing relies on domain authentication
How to master the essentials of email security for optimal campaign reach and inbox placement Crafting the perfect email marketing campaign is hard work. And, nothing is more frustrating than a perfectly crafted campaign not performing because the emails were delivered to the the spam folder. In 2023, Validity found that one in every…
Read more2024: The year of DMARC as a business imperative
I can say with confidence that the world does not need more security predictions for 2024. But as we head into the new year, it is important to have conversations about security strategy to inform our business priorities and our road maps. As I talk to our Red Sift customers, our partners, and the…
Read moreCertificate Monitoring versus Certificate Lifecycle Management
TLS certificates – once called SSL certificates and often referred to as just “certificates” – are one of the core ways we keep the internet safe and secure. Certificates encrypt data to make sure it is transmitted privately between your browser, the website you’re visiting, and the website server. But as the number of…
Read moreThe world is not ready for Google & Yahoo’s bulk sending requirements:…
In October 2023, Google and Yahoo jointly announced new requirements to help deliver “a safer, less spammy inbox” for users. The requirements will go into place on February 1, 2024 and are specific to bulk senders – those that send over 5,000 emails daily. What are the new Google and Yahoo requirements for bulk…
Read moreCertificate Transparency logs are the best way to prevent PKI-related outages
The Business Need for Certificate Monitoring and Management PKI certificates make the world go around, but they come with a serious flaw: they expire, and—as they do that—cause business disruption and lead to loss of customer confidence. Countless hours have been spent installing, monitoring, and rotating certificates to keep the Internet running. This problem…
Read moreRed Sift Certificates: The best AppViewX alternative
Hunting for an alternative to AppViewX that helps you monitor your certificates to stop downtime and security risk? You’ve come to the right place. Let’s dive into a no-frills, straight-up comparison between AppViewX and Red Sift Certificates. AppViewX Overview AppViewX CERT+ is AppViewX’s certificate monitoring tool. According to their docs, “AppViewX’s CERT+ provides an…
Read more