Skip to main content

Red Sift integration

Mark Glinski
  • Updated

    Red Sift's integration with SecurityScorecard gives you insight into 3 key areas of your email 

    security and DNS health:

    • Email authentication
    • Email security setup
    • BIMI, an emerging standard for logo visibility in email

    With Red Sift, you can:

    • Secure your organization from inbound and outbound email phishing attacks and BEC
    • Stop the exact impersonation of your domain
    • Align with NIST, CMMC, and other requirements and regulations

    The Red Sift Pulse Platform enables organizations to anticipate, respond to, and recover from cyber attacks while continuing to operate effectively. The award-winning Red Sift application suite is the only integrated solution that combines four interoperable applications, internet-scale cybersecurity intelligence, and innovative generative AI that puts organizations on a robust path to cyber resilience.

    Red Sift is a global organization with offices in North America, Australia, Spain, and the UK. It boasts a global client base across all industries, including Capgemini, Domino’s, ZoomInfo, Athletic Greens, and top global law firms. Red Sift is also a trusted partner of Cisco, Microsoft, Validity, and Entrust, among others. 

    The Security Scorecard <> Red Sift integration is deployed in minutes, automatically embedding Red Sift’s email and domain security data into Scorecards. This gives you a clear breakdown of risks and the subsequent actions you can take for remediation. 

    Use the Red Sift integration to increase your insight into three key areas of your email security and DNS health:

    • Email authentication
    • Email security setup
    • BIMI, an emerging standard for logo visibility in email

    Meet Red Sift

    Red Sift's cloud-based DMARC application, OnDMARC, enables you to configure SPF, DKIM, BIMI, and DMARC for all legitimate email sources in weeks. Protect your organization against business email compromise, phishing, and email impersonation. 

    Red Sift provides thirteen types of informational and positive signals in SecurityScorecard, based on DMARC, SPF, and BIMI protocols:

    Note: Informational and positive signals  do not impact your Scorecard score.

    Domain protected by DMARC

    This domain is protected by DMARC against exact impersonation.

    No DMARC aggregate reports are being inspected

    This domain is protected by DMARC, but reports are not being analyzed. Some legitimate email traffic may be blocked without your knowledge.

    No DMARC forensic reporting is being inspected

    This domain is protected by DMARC, but forensic reports are not being analyzed. Forensics contain important information for investigating misconfigurations and email attacks.

    Domain not protected by DMARC

    This domain is not protected by a strong DMARC policy, meaning your organization is vulnerable to business email compromise, ransomware, and phishing attacks. A malicious party can also impersonate your domain to target individuals within your customer base and supply chain.

    DMARC record error

    This DMARC record contains errors, so the domain is not protected from impersonation and phishing attacks. 

    SPF record found

    No issues are currently identified with the SPF record for this domain. This does not guarantee that all email domains and sending sources are authenticated, or that the SPF lookup limit will not be exceeded in the future, which can impact deliverability. 

    SPF record exceeds the maximum number of lookups

    An SPF record with too many lookups will impact the delivery of legitimate mail, especially with legacy receiving mail systems, or if the domain is at DMARC enforcement.

    SPF record error

    An SPF record with errors can impact the delivery of legitimate mail, especially with legacy receiving mail systems, or if the domain is at DMARC enforcement.

    SPF record not found

    No SPF record was found for this domain. All email sources could be failing authentication. A domain with no SPF record may experience email delivery failures, especially with legacy receiving mail systems, or if the domain is at DMARC enforcement.

    BIMI deployed with VMC

    This domain has BIMI deployed with a VMC that ensures the legal ownership of its logo.

    BIMI record without a VMC

    This domain has a BIMI record but does not contain a VMC to ensure legal ownership of its logo. Some email providers will not process this BIMI record.

    BIMI record error

    This domain's BIMI record has an error, and it is being ignored by email receivers.

    No BIMI record

    This domain has no BIMI record. BIMI is a reward for a domain protecting itself with DMARC, and allows you to display your trademarked logo in a mail client.

    Set up the integration

    If you are SecurityScorecard customer, you can install the app in seconds.

    1. Select Marketplace from the top menu in the SecurityScorecard platform.

      marketplace-off-dashboard.png
    2. On the Marketplace page, start typing Red Sift in the search box and then select Red Sift to go to the installation page.

      redsift-marketplace.png
    3. View a description of the app, and click Install.

      redsift-install.png

    Installation completes in seconds with no additional prompts or messages.

    Find Red Sift signals in the Scorecard

    You can view any available Red Sift signals on your own Scorecard or any Scorecard you follow:

    1. Click the Scorecard tab, and select the DNS Health or Social Engineering factors. Any available Red Sift signals appear in an Informational or positive section for that factor.

      redsift-dns-health.png


      redsift-social-engineering.png
      or

      Click the Issues tab in the Scorecard. Any available Red Sift signal appears with their logo in the informational or positive rows of the table.

      redsift-issues.png

    2. Click the signal to see an overview of your identified issue, the associated risk, recommendations for steps to take, and reference links for additional information or guidance.

      redsift-details.png

    3. Scroll down for observation dates.

      redsift-observation.png

    Take action on Red Sift signals 

    Red Sift’s signals identify email authentication issues to be addressed and opportunities for improvement. To address these issues, you can subscribe to Red Sift's OnDMARC service and automate the DMARC implementation and enforcement process:

    • Leverage the auto-classification of legitimate email senders from OnDMARC's database, and start enforcing DMARC enforcement in four to eight weeks.
    • Surface bad senders with threat intelligence. OnDMARC's Threat Intelligence automatically identifies and contextualizes threats to help you block them faster.
    • Manage SPF, DMARC, DKIM, MTA-STS, and BIMI from inside OnDMARC’s interface instead of going back to your DNS provider.

    Acronym glossary for this article

    BIMI

    Brand Indicators for Message Identification: A new, industry standard that will apply brand logos as indicators alongside authenticated emails to help people avoid fraudulent email

    DKIM

    DomainKeys Identified Mail: A protocol used to sign different header fields and the body of an email in order to authenticate the sending domain and prevent message modification during transit

    DMARC

    Domain-based Message Authentication, Reporting & Conformance: An email authentication protocol designed to enable email domain owners to protect their domain from unauthorized use, commonly known as email spoofing.

    SPF

    Sender Policy Framework: An email authentication method designed to detect the forging of sender addresses during the delivery of the email

    VMC

    Verified Mark Certificate: A digital certificate that validates the authenticity of a BIMI logo

    Learn more

    Get Help

    If you need help or have questions about the integration, contact the Red Sift support team.



    Related articles

    Comments

    0 comments

    Please sign in to leave a comment.