Solutions
Platform
Community
Sublime prevents email attacks using Detection-as-Code and behavioral AI. Gain visibility and control, hunt for advanced threats, and spend less time on email-originated incidents.
Powered by Message Query Language
Prevent email attacks
Stop BEC, phishing, HTML smuggling, and more
Hunt for threats
Identify missed attacks and potential compromise.
Triage user reports
Auto-remediate campaigns via herd immunity
Collaborate peer-to-peer or run rules vetted by Sublime
Share detections publicly or privately via Git
Receive new rules and updates automatically
Stay ahead of attacker adaptation
Filename w/ Right-to-Left Override Unicode
Submitted by:
@vector_sec
Link to download encrypted zip with ISO
Submitted by:
@ajpc500
Malicious OneNote attachment
Submitted by:
@Kyle_Parrish_
Subscribe to rules created by industry experts
Share detections publicly or privately via Git
Receive new rules and updates automatically
Stay ahead of attacker adaptation
Protection from BEC, Malware, Credential Phishing, and more
Discover missed attacks using behavioral queries or IOCs
Verifiably block atypical behavior to reduce attack surface
Auto-remediate missed campaigns from one or multiple user reports
Integrate with other tools seamlessly using the API & webhooks
Ingest threat intel to block attacks using IOCs, MQL, or YARA
I’ve been waiting for years for someone to bring detection engineering to email. I haven’t been this excited since EDR/Crowdstrike.
With Sublime we don’t have to pick between black box machine learning and having control, we get the benefits of both.
Sublime gives us the benefit of community curated rules to stop phishing threats and the precision to craft our own.
Sublime’s phishing herd immunity empowers every one of our end users to help secure the organization when attacks get through.
Deploy and integrate a free Sublime instance in minutes.
For organizations of any size. First 100 mailboxes free.
Limited to 600 active mailboxes. View Docker Guide.
Scales to any number of mailboxes. View AWS Quickstart
Coming Soon!
Self-managed or Managed
Alert-only or auto-remediate
SOC 2 Type 2. Security features are free.
No MX changes. M365, Google, IMAP
Ingest & analyze historical data
Collaborate and share via Slack
Browse our standalone tools and open-source repos