Efail Recommendations

Many Rendition Infosec clients are calling us today asking about the efail vulnerability. TL;DR – this isn’t a big deal for most of our enterprise users. Few of them use PGP and most of those that do use PGP to send files back and forth, not to encrypt the email natively.

More than anything else, there was a disclosure problem with this vulnerability. Is the vulnerability serious? Yes, for some users with a specific workflow. Did the vulnerability deserve the media attention that it got? No, definitely not.

Continue to practice good cyber security hygiene and apply updates to all of your software as updates become available. If you need further assistance understanding how the efail vulnerability might impact your organization, please reach out to Rendition Infosec and we’ll be happy to help.


After talking to multiple members of the press about the vulnerability embargo, I’ve posted some additional thoughts here.

Your cart

This will be copy area - something to the effect of estimated ship time if applicable


Rendition's advanced courses contain the latest in information security knowledge. Please contact us for more information.

This page has proprietary information in it, please contact us for more information.