Latest
View all articlesBuilding an email and brand defense that works: Webinar recap
DMARC is a good start, but it’s not the finish line. Learn more about the multifaceted nature of cyber attacks and what you can do to protect your brand in this webinar recap.
Read moreFTSE 250 DMARC report: 39% of the UK's top companies still don't block spoofed email
Red Sift analysed DMARC records for the FTSE 250. 60.8% have reached enforcement, but 98 of the UK's largest mid-cap companies still leave email exposed.
Read moreDMARC59% of North Central U.S. organizations exposed to email spoofing
Red Sift analyzed 1,000 North Central domains and found only 41% have full DMARC enforcement. See the state-by-state breakdown and how to close the gap.
Read moreAI & SecurityBeyond the leaderboard: Benchmarking LLMs on a real security task
We benchmarked 12 LLM configurations on Radar Lite's security summarization task. Frontier models led, but mid-tier options came surprisingly close at a fraction of the cost.
Read moreCertificatesHigh-Assurance Certificate Transparency Monitoring with Red Sift Certificates
Learn how to detect unauthorized certificate issuances with Certificate Transparency monitoring. Set up CAA policies, CT monitoring rules, and high-assurance escalation in Red Sift Certificates.
Read moreCertificatesShould you use public PKIs for your private infrastructure?
Public PKIs are cost-effective for internal use, but come with trade-offs like certificate transparency, rate limits, and shrinking lifetimes. Here's how to decide between public and private PKI.
Read moreCertificatesHow many public PKIs are there?
Public Key Infrastructures go far beyond Web PKI. Explore the full landscape of public PKIs — from code signing and S/MIME to BIMI and Matter — and learn which one fits your needs.
Read moreDMARC64% of U.S. Heartland organizations exposed to email spoofing
Red Sift analyzed 900 Heartland domains and found only 36% have full DMARC enforcement. See the state-by-state breakdown and how to close the gap.
Read moreDMARCMost businesses still can't answer one simple question about their email
Just 2.5% of domains enforce DMARC at p=reject. Red Sift and Bespin Labs (Patronum) break down why email authentication stalls, and how to fix it before regulators and attackers force the issue.
Read moreEmail SecurityFBI IC3 2025 report: Email fraud is now a $4 billion problem
The FBI IC3 2025 report shows BEC, phishing, and impersonation fraud hit $4B+ in losses. Here’s what the data means for email authentication.
Read moreAI & SecuritySecurity in the age of AI: Mythos and going back to basics
AI models like Anthropic's Mythos are finding and exploiting vulnerabilities faster than humans can keep up. Learn why the answer to AI-driven cyber threats starts with getting the basics right.
Read moreExplore more articles
Email Security Weekly
May 4, 2026
What's happening in email security: April 27-May 3, 2026
AccountDumpling abuses Google AppSheet to bypass DMARC. PayPal subject lines hijacked for tech-support scams.
Read issue
April 20, 2026
What's happening in email security: April 13-19, 2026
Proofpoint finds malicious inbox rules in 10% of breached M365 accounts, and the FBI's 2025 IC3 report shows phishing losses tripling year over year.
Read issue
April 14, 2026
What's happening in email security: April 6–13, 2026
AI-generated device code phishing, APT28's Outlook stealer, Iran's M365 password spraying, and the W3LL takedown. Your April 6–13 email security briefing.
Read issue