
Email Security

Defend the #1 phishing and BEC target in your environment

Overview

What This Engagement Covers

A comprehensive assessment tailored to your environment.

Assessment, deployment, and ongoing management of email security controls — DMARC, SPF, DKIM, secure email gateway tuning, BEC prevention, and user-reporting workflow.

Our Process

What We Test & How

What We Test

Email authentication records, secure email gateway (Proofpoint, Mimecast, M365 Defender, Google Workspace) policy, user reporting flow, simulated phishing efficacy, and third-party sender posture.

Our Approach

Baseline assessment, hardening, policy deployment, DMARC enforcement rollout, and quarterly tuning against current phishing trends.

Deliverables

What You'll Receive

Everything included in your engagement report.

Email authentication assessment (SPF/DKIM/DMARC)

DMARC enforcement rollout (reject mode)

Gateway policy hardening

User reporting workflow integration

Quarterly phishing trend tuning

Brand impersonation monitoring

Methodology

Our Testing Methodology

A structured approach to identifying and validating vulnerabilities.

1. Current-state assessment
2. Authentication record remediation
3. Gateway policy hardening
4. DMARC enforcement staging
5. User reporting workflow
6. Continuous tuning

Findings

Common Vulnerabilities We Find

Typical security issues discovered during this type of engagement.

DMARC in monitor mode only
Missing DKIM on key domains
Overly permissive SPF (+all)
Unprotected subdomains
Gateway bypasses for "safe senders"
No user-facing reporting workflow

Who It's For

Ideal For

Organizations getting heavily phished
Companies preparing for SOC 2 / ISO
Post-BEC hardening engagements
Brand-protection programs
Compliance

Standards We Support

SOC 2, ISO 27001, HIPAA, PCI-DSS, GDPR

Ready to Get Started?

$7,500 + $1,200/month

Typical engagement: 4-8 weeks initial + ongoing

Why Us

Why Lorikeet Security

Certified Experts

OSCP, OSCE, CEH, GPEN certified professionals

Auditor Ready

Reports designed for compliance audits

Free Retesting

Validate fixes at no additional cost

Expert Support

Direct access to testing team during remediation
