Authors
Derek Rocco
Engineering
Ahry Jeon
Product Manager

Quarantined emails are a steady source of help desk tickets. A user notices a meeting invite or a vendor reply never arrived, asks where it went, and an analyst has to look it up. For SOC teams with mixed user populations, or teams displacing a legacy gateway, it's a recurring class of work.

Most of those tickets exist because users have no other way to know what's been quarantined. Today, we're making Quarantine Digests generally available for all Sublime Enterprise customers. Each Digest summarizes what was quarantined for a user. If something legitimate was incorrectly caught, the user can easily request that the email be released from quarantine. Analysts and admins can then approve every restore from within Sublime, with a full audit trail.

"Quarantine Digests are a strong step toward reducing day-to-day friction from quarantines. Employees get visibility and an easy path to request releases, and security stays in control of approvals."

– Security engineer at a leading sustainable freight mobility company

A request-to-release model, not a one-click free-for-all

Most teams pick between two bad options. Hand users a one-click release button and the SOC loses control of what comes back. Send no quarantine notifications at all and every "did this get blocked?" question turns into a ticket.

Quarantine Digests are designed for the middle ground that most security teams want. Users get a digest with the sender, subject, and time for each quarantined message – enough to recognize what they're missing. The user can then request a message be released from quarantine right from the digest. Release requests go into Sublime for an analyst or admin to review and release with a single click. Users stay informed, the SOC keeps approval authority, and nothing gets back to an inbox without a security review.

Targeted by List, on the cadence that fits

Different user groups have different needs. Executives will want a tight loop, whereas field staff and the broader user population are fine with a weekly summary. Sublime gives you options.

Digests can be configured globally or with Lists, and sent daily or weekly, so you can tailor cadence and behavior to specific groups. You can also configure the sender address used for delivery. If nothing is quarantined for a user in that window, no digest goes out.

A clean audit trail

Every release request and every release is logged. Sublime captures who requested the release and when, and the audit log records the action and whether it came from a user request or a SOC-initiated action. Restores are per-user by design, so releasing a message for one recipient doesn't silently restore it for everyone else. Bulk releases can be done with one click.

Get started

Quarantine Digests are generally available for all Sublime Enterprise customers today. Book a demo to see it in your environment.
