Sublime is one of those tools that just works. Everyone’s a winner. Employees are happy their emails work, InfoSec has less operational burden, it requires little management, and the tool is nice to use. It’s very rare that I can say I’ve finally found a tool that does what it says it will do.
Huel, a leading nutritionally complete food company, needed an email security solution that could autonomously protect against sophisticated threats without constant management or operational disruption.
Before Sublime, Huel’s lean security team spent hours each week managing disruptions caused by a legacy tool that created friction instead of protection. Sublime’s autonomous platform instantly reversed that burden, catching sophisticated attacks automatically and eliminating operational disruption.
Huel’s investigations required searching across several disconnected views, taking 30–45 minutes per message. Each week, the team spent roughly two hours just diagnosing issues.
Operational disruptions were frequent and impactful. Two-factor authentication codes were delayed causing system lockouts, URL rewrites broke one-time links for critical business applications, and legitimate business communications were routinely quarantined. In one case, delayed scanning blocked AWS access for days.
The legacy interface was a maze of nested rules and categories, offering little insight into why emails were blocked or delivered.
Despite the operational overhead, the previous solution failed to catch evolving attack techniques. DocuSign and Intuit-based attacks became particularly problematic, with attackers leveraging legitimate services to deliver malicious content embedded several layers deep.
These attacks specifically targeted Huel's finance team, who regularly used these services for legitimate business purposes, making detection especially challenging for traditional rule-based systems.
Huel evaluated multiple modern email security solutions, focusing on finding a platform that could deliver superior protection through intelligent automation rather than manual management.
Sublime outperformed every evaluated platform, catching more malicious emails, including a 100% detection rate on DocuSign and Intuit-based attacks, without requiring manual rule tuning. Most importantly, Sublime delivered this performance without requiring extensive rule creation or ongoing manual tuning.
Unlike black-box tools, Sublime combined transparency with intelligent automation, giving Huel confidence in every decision and continuous protection that adapted automatically to new threats.
During evaluation, Sublime's partnership approach became evident through immediate response to new threats, rapid deployment of updated detection capabilities, and ongoing threat intelligence that ensured continuous protection without manual intervention.
Sublime's API-based approach enabled smooth deployment alongside existing infrastructure. The parallel operation allowed safe migration without conflicts, simple integration with Google Workspace was achieved quickly, and no DNS or routing complications arose.
Deployment was seamless. Aside from one custom rule, Sublime’s intelligent detection handled all threats automatically. Daily management now takes minutes, simply reviewing Sublime’s flagged emails instead of spending hours on investigations.
Sublime's autonomous capabilities eliminated the need for constant rule adjustments and manual threat hunting. When new attack patterns emerged, the platform adapted automatically without requiring manual rule creation or configuration changes.
Results at a glance:
The most significant change was the shift from email security being a daily operational burden to an autonomous enabler of business productivity. Business users gained confidence in email reliability without security-related disruptions, and the security team could focus on strategic priorities instead of managing security tools. Sublime delivered on the promise of intelligent, self-managing email security.
Huel's experience demonstrates that effective email security doesn't require choosing between comprehensive protection and operational autonomy. Sublime's platform delivers enterprise-grade threat detection through intelligent automation that scales with evolving threats.
The autonomous capability allows Huel's lean security team to maintain robust email defenses while focusing their expertise on strategic security initiatives rather than daily operational tasks. For organizations seeking email security that operates intelligently in the background, Huel's transformation shows what's possible when advanced threat detection meets autonomous operations.
The first thing our team does each morning is get onto Sublime and whip through all the flagged emails with near-zero effort. We can rely on reviewing just the emails that Sublime suggests should have an extra pair of eyes, and you can clearly see what's going on.
If I wanted to find an email, I had to go through seven or eight different categories and search each one. We’d spend 30-45 minutes before we could even diagnose if there was a problem.
We hit the ‘report to Sublime’ button and it was just done - a new rule was out and emails started getting caught.
We're infoSec people - we're investigating threats and need to prove how things work. Now, when I am diagnosing an email, I can understand what's happening under the hood.
These were services our finance team received invoices and PDFs through regularly. It felt like it was only a matter of time until one was clicked.
It's one of those tools that just works. There's no training necessary to use Sublime. For users, or for InfoSec engineers
See how Sublime delivers autonomous protection by default, with control on demand.
.svg)
