Red Sift, an email security company, has added protection for its domain and has raised $54 million in funds

Red Sift, an email security company, has added protection for its domain and has raised $54 million  ...

Participate in today's leading executives on the Data Summit on March 9th. Register.

Despite the best efforts of security organizations and increased investments in cyber, phishing and business email compromise (BEC) attacks are only speeding up, and getting more successful. Proofpoint that 83% of organizations were successful in an email attack last year, up from 65% in 2020. According to Proofpoint data

Getting rid of these trends isn't just about training employees to avoid posting malicious emails. It's a complex situation, with many stakeholders to consider.

For a single company to address the problem effectively, at least until now, Rahul Powar says. With its introduction today of a domain protection solution to integrate products that protect both outbound and inbound email security, Rahul is hoping to succeed.

There are other providers who have different point solutions, Powar said in an interview. The reality is that these problems are very deep interconnected. And if you treat them as point solutions, then youll always be left with an incomplete security offer.

What customers require is a "solution that helps you identify the whole of your digital asset base," he said, which is what Red Sift specializes in with its technology for ingesting and analysing millions of data points a day.

The new product, aimed at assisting businesses in quickly closing down malicious phishing sites, is being unveiled today alongside Red Sift's $54 million series B grant.

Highland Europe led the round, which included the help of Sands Capital, Oxford Capital, and MMC Ventures. Red Sift has now raised $69.8 million in funding since its launch in 2015.

A complete solution

OnDOMAIN which is now in preview and will be available for general availability in the second quarter will join Red Sift's other products that provide security for both outbound email (OnDMARC) and inbound email (OnINBOX). Red Sift, according to Powar, is launching the product because of a recognition that protecting against phishing is more than just the emails themselves and is better addressed with a complete solution.

According to Red Sift, OnDOMAIN monitors 150 million domains and subdomains that have been registered each day and examines information from numerous data sources to help determine a domain's validity. The product then permits security teams to quickly shut down phishing sites with "one-click takedown capabilities," which is made possible by industry partnerships.

OnDOMAIN will also discover unauthenticated domains, although they were previously unknown, according to Red Sift. The products capabilities will enable customers to protect their brands and reputations against damage and abuse.

Powar said that even large, advanced organizations have assets that they're unaware of. They may have a software that assists them identify and manage all their certificates and all the domains, but that isn't integrated in any meaningful way with their email security posture. So things ends up falling through the cracks.

Impersonation must stop being pushed back.

OnDMARC provides assistance with companies with a more intuitive implementation of DMARC (Domain-based Message Authentication, Reporting, and Conformance). It assists in stopping email impersonation, ensuring that authorized senders are the only ones that can receive emails using a certain domain in the "from" field.

According to Valimail, while the DMARC protocol was published in 2015, just 22 percent of top retailers, 30 percent of Fortune 500 domains, and 36% of large banks have achieved "full DMARC enforcement."

The reason for modest adoption is that DMARC has traditionally been a very extensive consultative project, according to Powar. It's been a very difficult task to get done.

OnDMARC, a Red Sift product, aims to simplify implementing DMARC by adding automation to the process. It "helps organizations implement DMARC, which is unique because of its capability to protect organizations across their supply chain and network," according to Powar.

When you deploy DMARC, youre demonstrating to the world how receivers can verify that the email actually originated from the infrastructure that you had authorized, he said. Plain vanilla email does not provide you that by default. As a result, you're likely to complex supply chain attacks, phishing against your customers, and invoice fraud against your supply chain.

DMARC can handle a lot of this for the domains that a corporation controls and owns, because it may offer the receivers a way to know and verify the email that it was actually sent from the company, according to Powar.

OnINBOX employs AI and machine learning (ML) as well as a "deep understanding" of the signals that point to a malicious email, according to Powar. The solution is intended to complement widely used email security tools rather than replace them.

Profitability for the customer

Red Sift's service has expanded to more than 700 people, and he is planning to double that amount by the end of 2022 thanks to the latest funding, according to reports. Domino's Pizza, ZoomInfo, PageGroup, Wise, Telefonica, and Rentokil Initial plc are among the customers.

The company's revenue doubled in 2021, and is expected to double again this year, according to Powar.

Red Sift plans to expand its workforce by the end of this year, according to Powar.

Powar, who was previously the company's principal technical architect and a member of the founding team at Shazam, founded Red Sift with CTO Randal Pinto, another Shazam alum who served as company's CEO until 2012, and was also responsible for developing professional services. Both he and Powar spent three years at Thomson Reuters before launching Red Sift in 2015.

Problems that are hard to come up with

Powar said that the major goal for this year is to expand the OnDOMAIN product on the market.

"So we actually monitor newly observed domains, websites that are spinning up in real time, and look for brand infringement in those assets," says OnDOMAIN. "So we can easily identify phishing attacks even before they launch. "So that's why the OnDMARC use case fits quite nicely."

Powar said onDOMAIN can assist with monitoring key suppliers as an example. "We can identify those in OnINBOX, and we can monitor those and in OnDOMAIN," he said.

Another big issue OnDOMAIN addresses is assisting organizations in defining their perimeter, according to Powar.

"If you're a large financial services corporation, you don't even know all of the assets on the internet that you own. So, it's very difficult to get them under control," he said. "OnDOMAIN helps identify all of the things as part of its vast internet scanning."

All in all, Red Sift stands out in the marketplace as it able to address some of the most difficult security challenges, according to Powar.

We provide user-centric, automated cybersecurity solutions to a wide range of difficult-to-solve situations, said the author. Its complicated. And were doing it at an all-time high.

VentureBeat's goal is to serve as a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact.

You may also like: