Why we’ve acquired Hardenize, and what this means for our customers

Today, I’m delighted to announce that Red Sift has acquired global Attack Surface Management (ASM) innovator, Hardenize. This is one of the most significant moves in Red Sift’s history to date, and means we can now enrich and extend our leading security products. Alongside protecting email via the deployment of widely supported security standards, we are now in a position to offer similar protections to important threat vectors such as services provided over the web.

Together, we will redefine Attack Surface Management (ASM)

It’s no secret that email security remains one of the greatest challenges for businesses on the internet. We pride ourselves in offering excellent connected solutions for these challenges, however, we know that email is one of many vectors that hackers will actively look to exploit. From email and domains to web applications and the network perimeter, attackers will take advantage of any and all vulnerabilities across the ever-expanding attack surface. So, rather than treating key email security risks individually, organizations must have a comprehensive understanding of and visibility into any and all assets, as well as the ability to secure these using our award-winning remediation solutions based on globally-recognized standards and protocols. 

Hardenize is unique because they start with the hard problems first. It’s impossible to manage your attack surface without first finding it. They combine best-in-class asset discovery with deep inspection of an organization’s security posture across all public-facing services from email to web and nameservers. Having created the industry-standard SSL Labs in the prior decade, the team has deep expertise in evaluating technical risks. Hardenize brings this approach up to date with the complex discovery and management challenges facing organizations today. We exist to help our customers see, solve, and secure, and combining Hardenize with our existing solutions allows us to address the entire lifecycle around an organization’s digital footprint from discovery to issue resolution. 

“This is a significant moment in the fight against digital pollutants on the Internet. Modern cyber resilience is built on a foundation of good cyber hygiene. Hardenize adds best-in-class security to allow organizations to work out what they’re doing well and need to improve in some really critical areas of core protections. This adds to Red Sift’s suite of gold-standard solutions. I’m excited to see how this improves the offerings available for enterprises looking to secure their infrastructure and digital ecosystem.”

Ciaran Martin, NCSC founder and former Chief Executive, and Red Sift Special Advisor

How does this improve Red Sift’s existing solution set?

When it comes to existing ASM solutions, most start and stop with port scanning. This ignores the vast body of protocol-level security that is poorly understood and incompletely deployed. It also ignores messaging and the systems that employees use to engage across the internet. Our view is that all of it forms a continuous attack surface that needs to be discovered and hardened against adversaries. Hardenize was one of the only ASM solutions to detect vulnerabilities in email configuration that could lead to impersonation and weaknesses in TLS that could lead to interception. 

Today’s acquisition provides customers with the necessary tools to ensure ongoing compliance with email and web security protocols, hardening their attack surface on all fronts. Hardenize’s deep and continuous knowledge of key security and network standards, protocols, and configurations, paired with Red Sift’s sophisticated remediation capabilities and gold-standard security products, enables customers to gain complete control of their entire attack surface for the first time. 

“We’re excited to join Red Sift in bringing this best-in-class security solution to the market. Hardenize’s ability to align organizations’ digital assets to recognized security frameworks and standards complements Red Sift’s advanced email security capabilities to provide a single solution that protects organizations from being vulnerable to attackers.”

Hardenize CEO and SSL Labs creator Ivan Ristic.

Register interest for our exclusive Experts Discussion

To learn more about today’s acquisition, register your interest for our exclusive Experts Discussion below. I will be joined by Ivan Ristic, Hardenize CEO and SSL Labs creator, and other industry experts to explore what this move means for the future of digital resilience and attack surface management.


Rahul Powar

13 Oct. 2022



Recent Posts


Preventing certificate related violations in cybersecurity frameworks:  A guide to certificate monitoring…

Rebecca Warren

TLS is one of the most widely adopted security protocols in the world allowing for unprecedented levels of commerce across the internet.  At the core of the TLS protocol is TLS certificates. Organizations must deploy TLS certificates and corresponding private keys to their systems to provide them with unique identities that can be reliably…

Read more

Red Sift ASM & Red Sift Certificates: the missing link in your…

Billy McDiarmid

According to Gartner, Attack Surface Management (ASM) refers to the “processes, technology and managed services deployed to discover internet-facing enterprise assets and systems and associated exposures which include misconfigured public cloud services and servers.” This broad category of tooling is used within Continuous Threat Exposure Management (CTEM) programs, with many vendors within it having…

Read more

The best tools to protect yourself from SubdoMailing

Francesca Rünger-Field

In late February 2024, ‘SubdoMailing’ became a trending search term overnight. Research by Guardio Labs uncovered a massive-scale phishing campaign that had been going on since at least 2022. At the time of reporting, the campaign had sent 5 million emails a day from more than 8,000 compromised domains and 13,000 subdomains with several…

Read more
Product Release

Red Sift’s Spring 2024 Quarterly Product Release

Francesca Rünger-Field

This early into 2024, the cybersecurity space is already buzzing with activity. Emerging standards, such as Google and Yahoo’s bulk sender requirements, mark a new era of compliance for businesses reliant on email communication. At the same time, the prevalence of sophisticated cyber threats, such as the SubdoMailing campaign, emphasizes the continual hurdles posed…

Read more