عربي | Contact us

Beta Version


Haseen Initiative


As part of the National Cybersecurity Authority (NCA) efforts to enhance the national cybersecurity, the NCA introduced Haseen (an Email Authentication initiative) to enhance the protection against Email Spoofing threats. Haseen aims to reduce the cyber risks on email services by authenticating the domain names of the email service of national entities.


Haseen Initiative Objectives:

  • Help national entities to implement Email Authentication Protocol DMARC by providing Haseen platform tools and technical guidelines.

  • Monitor and notify the national entities in the event of an unauthorized use of the entity’s Email domain names.


Haseen Platform Enables Entities To:

  • Lookup the Entity’s implementation level of Haseen Initiative.

  • Create DMARC, SPF, and DKIM domain name records.

  • Lookup DMARC, SPF, and DKIM domain name records.

  • Educate the Entities on the importance of activating DMARC protocol and provide means of implementation.


This initiative applies to government organizations in the Kingdom of Saudi Arabia (including ministries, authorities, establishments and others) and its companies and entities, as well as private sector organizations owning, operating or hosting Critical National Infrastructures (CNIs), which are all referred to herein as “The Organization”. The NCA strongly encourages all other organizations in the Kingdom to leverage this initiative to implement best practices to improve and enhance their cybersecurity.

Following the NCA’s strategy in cooperation and partnership with other entities, NCA encourages all entities to add Haseen’s email address to the entity’s DMARC record, which enables the Haseen platform to collect and analyze reports, received from all email service providers automatically.

To comply with the Essential Cybersecurity Control (ECC – 1: 2018, control 2-4-3-5), The NCA urges all entities to implement the proposed mechanism of applying the DMARC, DKIM, and SPF protocols in the technical guideline, which aligns with the operations continuity of email services.


Haseen Initiative Implementation Results


Lookup

item

DKIM

DKIM use a digital signature in all outbound emails that is sent by the organization. If someone try to send a phishing email spoofing the organization, it won't have the signature which will help the reciepint to filter out spoofed emails



item

SPF

SPF is an authentication standard that allows domain owners to specify which servers are authorized to send email and check the incoming emails are coming from a domain that is authentic and not spoof.



item

DMARC

DMARC is an email validation system designed to leverage the existing email authentication techniques SPF & DKIM to protect the email domains against spoofing attacks