Better Together.

Sublime enables security teams and researchers to contribute rules, publicly or privately, to detect phishing attacks, threat hunt, and auto-triage user reported messages.

Community-contributed detection rules

Detection rules contributed to the public Sublime Rules Feed are available to all users. Submissions are vetted by the Sublime team.

View all open-source rules

I love sharing rules to give back to the community. I think the safer we all are, the harder it is for the bad guys, and that’s alright by me.”

Alfie Champion

Adversary Emulation Manager

FTSE 250 financial institution

Share publicly, privately, or peer-to-peer

Sublime Feeds are Git-backed, and subscriptions are kept automatically up to date.

Create

Write and run custom rules. You control if, when, and how they’re shared.

Share

Submit your rules to the public Sublime Rules Feed or share privately with anyone.

Collaborate

Your rules will block phishing attacks for Sublime users around the world.

You’re in good company

Detection rules have been contributed both publicly and privately by Global 2000 security teams and independent researchers.

Get Started. Today.

Deploy and integrate a free Sublime instance in minutes.

Managed Instance

Create account in minutes

For organizations of any size. First 100 mailboxes free.

Create Free Account

Deploy and self host

Docker for smaller orgs

Limited to 600 active mailboxes. View Docker Guide.

curl -sL https://sublime.security/install.sh | sh

Eml analyzer

Rapid phishing investigation.

No setup or integration required.

Open EML Analyzer

Deploy and self host

AWS Cloud for enterprise

Scales to any number of mailboxes. View AWS Quickstart

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Get a live demo

Learn how Sublime verifiably closes email attack surface.