Better Together.

Sublime enables security teams and researchers to share rules publicly or privately to detect email attacks and hunt for threats.

Community-contributed detection rules

Detection rules contributed to the public Sublime Rules Feed are available to all users. Submissions are vetted by the Sublime team.

View all open-source rules

I love sharing rules to give back to the community. I think the safer we all are, the harder it is for the bad guys, and that’s alright by me.”

Alfie Champion

Adversary Emulation Manager

FTSE 250 financial institution

Share publicly, privately, or peer-to-peer

Sublime Feeds are Git-backed, and subscriptions are kept automatically up to date.

Create

Write and run custom rules. You control if, when, and how they’re shared.

Share

Submit your rules to the public Sublime Rules Feed or share privately with anyone.

Collaborate

Your rules will block phishing attacks for Sublime users around the world.

You’re in good company

Detection rules have been contributed both publicly and privately by Global 2000 security teams and independent researchers.

Get Started. Today.

Deploy and integrate a free Sublime instance in minutes.

Managed Instance

Create account in minutes

For organizations of any size. First 100 mailboxes free.

Create Free Account

Request Demo

Get a live demo

Learn how Sublime verifiably closes email attack surface.

Deploy and self host

Docker for smaller orgs

Limited to 600 active mailboxes. View Docker Guide.

curl -sL https://sublime.security/install.sh | sh

AWS Cloud for enterprise

Scales to any number of mailboxes. View AWS Quickstart

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Azure, GCP, K8s & Terraform

Coming Soon!

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.