Delete malicious or unwanted calendar events

Open-source incident response playbook for Microsoft and Google tenants

ICS phishing is on the rise, with attackers exploiting malicious calendar events in record numbers. Most security tools leave users vulnerable, quarantining email while leaving calendars untouched. At Sublime, we're fighting back by both:

  1. natively purging malicious events with Sublime
  2. open-sourcing an IR playbook for the community to clean up malicious calendar events when quarantining email, no matter your security stack

Get early access to our open source playbook:

Redirecting...
Oops! Something went wrong while submitting the form.
Calendar showing malicious events
Bg PatternBg Pattern
Sublime Logo Horizontal
Resources
BlogEvents
Community Slack
Resource center
EML Analyzer
Sublime Core Feed
API Reference
Documentation
Security at SublimeICS Phishing Playbook
©2025 Sublime Security, Inc.
TermsPrivacySecurityDisclosurePrivacy choices