DMARC Analyzer

DMARC Analyzer - Detect and prevent email phishing and spoofing

The main goal of DMARC is to detect and prevent email spoofing. Prevent brand abuse, scams and gain full insight on your email channel with DMARC Analyzer. 360° visibility and governance across all email channels.

Features

  • Monitor and analyse your SPF, DKIM and DMARC results
  • DMARC deployment self-service tool and recommendation engine
  • DMARC Alerts and Reports (via email)
  • High DMARC coverage
  • Friendly overviews grouped on several values
  • Aggregate and Forensic DMARC Reports
  • Two factor authentication
  • DNS record monitoring
  • Great platform performance

Benefits

  • Block inbound attacks and protect your brand against abuse
  • The ability to instruct ISP’s to deliver or delete emails
  • Authenticate email messages and improve deliverability
  • Block malware and phishing attacks
  • Authenticate email messages and increase your email deliverability!
  • Prevent brand abuse and scams
  • Customer Fraud Protection
  • Gain full insight on your email channel
  • EU based GDPR compliant vendor

Pricing

£4386 per licence per year

Service documents

G-Cloud 10

648094271698505

DMARC Analyzer

Danny Hoogeveen

+31 (0) 85 13 00 788

info@dmarcanalyzer.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints N/A
System requirements No requirements, SaaS based platform.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response within 4 hours during business days.
During weekends the response time extends to next business day. Additional support and shorter response times available at extra cost.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible Web chat is provided by a third-party (Intercom.io). Through Intercom DMARC Analyzer offers a simply user-friendly text-based interface. Though it hasn't been formally assessed against an accessibility standard.
Web chat accessibility testing N/A
Onsite support Yes, at extra cost
Support levels Standard support via email and web chat is offered to all (G-Cloud Digitalmarketplace) customers.

Our DMARC deployment and project management specialists can help you with managing your DMARC project, mitigate risks, allow you to safely block malicious emails without impacting your other email channels like marketing, transaction, etc. Training and DMARC deployment support can be provided at extra cost.

DMARC Analyzer provides different types of servicelevels; Professional Services, Platinum Support and Managed Services which are high-end service solutions with acces to DMARC specialists.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The application provides an onboarding guide as well as a detailed user manual. Training and DMARC deployment support can be provided at extra cost.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Users are able to manually export their data and we can send reported XML data on request when the contract ends.
End-of-contract process At the end of a contract, the access to DMARC reports in the DMARC Analyzer applications ends. Users can renew the service and are able to manually export their data. We can send reported XML data on request when the contract ends.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Responsive GUI
Accessibility standards None or don’t know
Description of accessibility N/A
Accessibility testing N/A
API Yes
What users can and can't do using the API API controls to total application and therefor all data is retrievable through the API. This is on request only and not within our default service offerings.
API documentation Yes
API documentation formats HTML
API sandbox or test environment No
Customisation available No

Scaling

Scaling
Independence of resources DMARC Analyzer is built with a scalable architecture in mind.

The application is horizontally scalable in all its facets.

Analytics

Analytics
Service usage metrics Yes
Metrics types Service Metrics are provided as part of regular DMARC reporting from domain owners.
- Number of emails validated (regular DMARC reporting)
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Encryption of all physical media
Data sanitisation process No
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Users can export aggregate DMARC reports in a range of standard formats, including: CSV and HTML
Data export formats
  • CSV
  • Other
Other data export formats HTML
Data import formats Other
Other data import formats DMARC aggregate reports (compressed in .zip/.gz/.gzip)

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Other
Other protection between networks Not applicable as there is no direct connection between these networks.

The buyer will enable sending DMARC reports to our application. This is done by participating ISPs over a connection which is as safe as possible (normally over TLS).
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Expected downtime or lesser connectivity on software updates or maintenance will be notified one working day prior this as defined in our Terms and conditions.
Approach to resilience Available on request
Outage reporting Email alerts & dashboard notifications

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels Management interfaces are only available for user who are authenticated through the User Account Control (UAC) section
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Less than 1 month
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Less than 1 month
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification Usd AG
PCI DSS accreditation date 02/05/2018
What the PCI DSS doesn’t cover DMARC Analyzer uses a certified payment solution and has submitted a binding self-assessment concerning the secure handling of credit card data. Thereby the company complies with the Payment Card Industry Data Security Standard (PCI DSS).

This Seal of Approval confirms that credit card payment is secure in this web shop. DMARC Analyzer uses a certified payment solution and has submitted a binding self-assessment concerning the secure handling of credit card data. Thereby the company complies with the Payment Card Industry Data Security Standard (PCI DSS).
Other security certifications Yes
Any other security certifications DDMA Privacy Guarantee Security Check - Gold

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach DMARC Analyzer successfully passed the Privacy Guarantee Security Check. DMARC Analyzer organisational information security is accredited with the security label: Gold.
Information security policies and processes The use of DMARC Analyzer is governed by the terms and conditions described at https://www.dmarcanalyzer.com/conditions/ and privacy policy described at https://www.dmarcanalyzer.com/privacy-statement/.
Data is encrypted, two-factor authentication is used in order to secure logins. Our local network has a firewall and Antivirus is installed on all machines. dmarcanalyzer.com is protected by a DMARC reject policy.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach DMARC Analyzer discusses operational change management and change control policies on a weekly basis. DMARC Analyzer has a formal process to ensure clients are notified prior to changes being made which may impact their service. Our changes are backwards compatible. Normally a release is announced after it has taken place.
When we expect downtime or lesser connectivity on software updates or maintenance, there is a notification one working day prior.
Vulnerability management type Supplier-defined controls
Vulnerability management approach At DMARC Analyzer, we consider the security of our systems a top priority.
Automated vulnerability and security scans runs on all services on a daily basis these tests are also performed during the development process. We strive to resolve all detected issues as quickly as possible.

We run a responsible disclosure process which is available at:
https://www.dmarcanalyzer.com/responsible-disclosure/
Protective monitoring type Supplier-defined controls
Protective monitoring approach At DMARC Analyzer, we consider the security of our systems a top priority.
Besides our automated vulnerability and security scans on all services we are continuously monitoring our services, and strive to resolve all detected issues as quickly as possible.
Incident management type Supplier-defined controls
Incident management approach We are providing a Responsible Disclosure at https://www.dmarcanalyzer.com/responsible-disclosure/
We strongly recommend users to encrypt their findings using our PGP key to prevent this critical information from falling into the wrong hands. We will handle reports with strict confidentiality. We will respond to reports within 3 business days with our evaluation of the report and an expected resolution date. We strive to resolve all problems as quickly as possible, and we would like to play an active role in the ultimate publication on the problem after it is resolved.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £4386 per licence per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Free 14-day Trial without restrictions.
Link to free trial https://app.dmarcanalyzer.com/register

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑