Latest
View all articles69% of Northwest U.S. businesses vulnerable to email phishing
Red Sift analyzed 600 Northwest domains and found only 31% have full DMARC enforcement, the lowest of any U.S. region. See the breakdown and how to fix it.
Read moreCompany NewsOnDMARC climbs to #1 in the Mid-Market Grid in G2's Summer 2026 Report
Red Sift OnDMARC ranked #1 in three Mid-Market indexes and earned 10 badges in G2's Summer 2026 Report.
Read moreCertificatesDKIM and Post-Quantum Cryptography: Keep Calm and Fix the Basics
Post-quantum cryptography is a real issue, but not every part of the email security stack is exposed in the same way. A lot of commentary collapses the whole topic into “store now, decrypt later”: ...
Read moreDMARCDMARCbis is now an IETF Proposed Standard: What that means today
Going forward, DMARCbis is the new DMARC with added clarity.
Read moreCertificatesCA/Browser Forum: ACME CAA Extensions (RFC 8657) To Become Mandatory
The CA/Browser Forum has spoken: ACME CAA extensions will be mandatory from March 2027 onward.
Read moreEmail AuthenticationBuilding an email and brand defense that works: Webinar recap
DMARC is a good start, but it’s not the finish line. Learn more about the multifaceted nature of cyber attacks and what you can do to protect your brand in this webinar recap.
Read moreDMARCFTSE 250 DMARC report: 39% of the UK's top companies still don't block spoofed email
Red Sift analysed DMARC records for the FTSE 250. 60.8% have reached enforcement, but 98 of the UK's largest mid-cap companies still leave email exposed.
Read moreDMARC59% of North Central U.S. organizations lack email enforcement
Red Sift analyzed 1,000 North Central domains and found only 41% have full DMARC enforcement. See the state-by-state breakdown and how to close the gap.
Read moreAI & SecurityBeyond the leaderboard: Benchmarking LLMs on a real security task
We benchmarked 12 LLM configurations on Radar Lite's security summarization task. Frontier models led, but mid-tier options came surprisingly close at a fraction of the cost.
Read moreCertificatesHigh-Assurance Certificate Transparency Monitoring with Red Sift Certificates
Learn how to detect unauthorized certificate issuances with Certificate Transparency monitoring. Set up CAA policies, CT monitoring rules, and high-assurance escalation in Red Sift Certificates.
Read moreCertificatesShould you use public PKIs for your private infrastructure?
Public PKIs are cost-effective for internal use, but come with trade-offs like certificate transparency, rate limits, and shrinking lifetimes. Here's how to decide between public and private PKI.
Read moreExplore more articles
Email Security Weekly
May 4, 2026
What's happening in email security: April 27-May 3, 2026
AccountDumpling abuses Google AppSheet to bypass DMARC. PayPal subject lines hijacked for tech-support scams.
Read issue
April 20, 2026
What's happening in email security: April 13-19, 2026
Proofpoint finds malicious inbox rules in 10% of breached M365 accounts, and the FBI's 2025 IC3 report shows phishing losses tripling year over year.
Read issue
April 14, 2026
What's happening in email security: April 6–13, 2026
AI-generated device code phishing, APT28's Outlook stealer, Iran's M365 password spraying, and the W3LL takedown. Your April 6–13 email security briefing.
Read issue