The point where DORA and DMARC intersect

DORA (Digital Operational Resilience Act) is a Europe-based framework explicitly designed to establish regulatory compliance for the finance sector. This act has been in force since January 2025. Though DORA and DMARC are not directly linked with each other, DMARC helps with DORA compliance by improving the email security posture. DMARC is an email authentication…

Pros and cons of using wildcarding in SPF

SPF is the email authentication protocol that allows domain owners to specify which mail servers are officially allowed to send emails on behalf of a domain. Wildcarding in SPF is done using the ‘*’ mechanism. It matches any domain or IP that doesn’t explicitly match other mechanisms in the record. Wildcarding usually…

How does Privileged Account and Session Management (PASM) help strengthen DMARC and email security?

The truth is that the most important people in your organization are also the individuals most targeted by cyber-attacks, because they have access to the most critical information and manage sensitive systems that are major targets for cyber-attackers. Since these accounts are the key to your organization’s most valuable resources, it only makes…

Overly permissive SPF configurations that make your email infrastructure vulnerable to phishing and spoofing

Overly permissive SPF configurations are settings that are so loose and broad that anyone on the Internet can send emails from your domain. These configurations weaken your email infrastructure, ultimately exposing your brand name to phishing, spoofing, ransomware attacks, and other security risks. If unauthorized, malicious people send emails from your domain and…

Everything you should know about typosquatting and how to stay protected

They say familiarity is deceptive, and we absolutely agree with it, especially in the context of cybersecurity. We base this statement on the paradigm that humans tend to trust patterns and blindly click on something that looks familiar at a glance. While doing this, we tend to overlook minor mistakes or discrepancies that can lead…

What should you do if your SPF record has exceeded the limit of 255 characters?

If you have just started with SPF implementation for your domain, your SPF record can run into multiple technical issues since there are many limitations and rules involved in creating and managing it. One such rule is that the length of the SPF record should not exceed 255 characters. You can address this issue by…

Understanding DKIM’s cryptographic algorithms: RS256 vs. RS512 and emerging trends

When it comes to maintaining the integrity of the contents of an email and verifying that they genuinely come from a trusted sender, DKIM is the authentication protocol that most security teams trust. This email authentication standard operates on cryptographic algorithms to generate a digital signature on each email. In this way, the recipient can…

Resolving custom domain configuration issues for Azure Email Communication

It’s important to properly configure your domains so that email deliverability is not hampered. If your emails are marked as spam or rejected, the recipient will not receive your message in their inbox. Correctly configured SPF and DKIM records give recipients the trust that they have received the email from a genuine sender…

Impersonation is the leading phishing strategy of 2024

A famous software firm, Egress, published its Phishing Threat Trends Report in October 2024, highlighting how impersonation became the most prolific phishing tactic in 2024. In the context of cybersecurity, impersonation is the act of a threat actor pretending to be a trusted individual, organization, or system. By posing as a known and reliable entity,…

The future of SPF flattening; trends and emerging practices

SPF flattening prevents your SPF record from exceeding the maximum lookup limit and becoming invalid. The process works by simplifying the SPF record, eliminating the need for frequent lookups, thereby keeping it within the limit. However, with growing adoption, intricate email infrastructures, improper email authentication practices, and emerging technologies, the future of SPF flattening is…