LEHI, Utah – DigiCert, a prominent provider of digital trust solutions, has announced its acquisition of Valimail, a global leader in zero trust email authentication. This move, revealed on September 16, 2025, marks a significant step in DigiCert’s strategy to fortify its DigiCert ONE platform and expand its offerings to include email authentication services.
Strengthening the Fight Against Phishing and Spoofing
With over 92,000 clients globally and a 70% growth in the past year, Valimail is recognized for its leadership in zero trust email authentication and its expertise in Domain-based Message Authentication, Reporting, and Conformance (DMARC). The integration of Valimail’s technology into DigiCert ONE will enable DigiCert to address phishing and spoofing, the leading sources of cyber threats, while offering customers a unified platform to secure websites, software, devices, and now email.
Amit Sinha, CEO of DigiCert, emphasized the importance of this acquisition in tackling emerging cybersecurity challenges. "Our strategy has always been to expand our platform’s capabilities with technologies that solve emerging threats for customers, and we believe that email authentication is the next logical step for DigiCert ONE. This strategy has guided our evolution from the world’s largest certificate authority company into a digital trust platform leader. Today, the rise of AI and the looming threat of quantum computing against current encryption have made it clear that the future of digital trust must be built on the belief that every digital interaction requires the right level of protection. Valimail is a leader in zero trust email authentication, with durable, foundational technology that is essential for securing email interactions at scale."
Expanding Into a $4 Billion Market
This acquisition positions DigiCert to enter the growing $4 billion market for paid DMARC solutions, which are essential for securing brand and domain-based communications. Valimail’s leadership is underscored by an extensive portfolio of DMARC-related patents and its status as the only DMARC provider authorized under the Federal Risk and Authorization Management Program (FedRAMP). This authorization highlights its dominance in serving highly regulated industries, including global enterprises and government agencies.
Alex Garcia-Tobar, CEO of Valimail, reflected on the alignment of the two companies’ missions. "Our mission has always been to authenticate the world’s communications, starting with email. Teaming up with DigiCert helps accelerate our joint mission globally, aligning with the company’s broader trust ecosystem and ensuring that organizations are secure not only in their email, but across all their digital interactions. As a growth company, we’re excited to work closely with Amit and his leadership team to capture a larger share of the $4B+ market opportunity ahead of us."
Enhancing Trust Through VMC and BIMI Integration
Valimail’s expertise in DMARC complements DigiCert’s existing capabilities as a global provider of Verified Mark Certificates (VMCs) and Mark Certificates (MCs). These tools allow organizations to display verified brand logos in customer inboxes via Brand Indicators for Message Identification (BIMI). Together, DMARC enforcement and VMCs will empower organizations to build customer trust by reducing phishing risks and enhancing brand recognition through visual trust cues, including verified logos and blue checkmarks in email communications.
Looking Ahead
By integrating Valimail’s zero trust email authentication capabilities with its existing platform, DigiCert is poised to offer a comprehensive solution for digital trust across multiple domains. The acquisition signals DigiCert’s commitment to innovation and securing digital interactions in an evolving threat landscape.
Legal advisory for DigiCert during this acquisition was provided by Sidley Austin LLP, while Valimail’s financial and legal advisors were Piper Sandler and Fenwick & West LLP, respectively.
This latest development underscores DigiCert’s continued focus on expanding its digital trust platform to address new and critical areas of cybersecurity, ensuring businesses and customers alike can interact in a secure digital environment.
