Sold by
Advanced Email Security
As the top attack vector, email demands the strongest possible protection. We block the most dangerous email-borne attacks, from phishing and ransomware to BEC, social engineering, payment fraud, and impersonation. Mimecast Email security: work protected
Reviews (340)
Kartik S.
Robust Security with Effective Threat Detection
Reviewed on Jun 12, 2026
Review provided by G2
What do you like best about the product?
I like Mimecast Advanced Email Security for its consistently strong threat detection and the confidence it gives to our team. It catches phishing attempts, impersonation attacks, and malicious attachments with impressive accuracy. The URL rewriting and sandboxing features add an extra layer of protection that feels reliable. The platform integrates smoothly with Microsoft 365, and its policy control makes it easy to tailor security to our environment. It also offers a strong detection with high accuracy and low false positives and integrates easily with Outlook and Microsoft 365.
What do you dislike about the product?
While Mimecast Advanced Email Security is overall strong, there are a few areas that could be improved. The admin interface feels unintuitive, especially when navigating complex policy settings or searching through logs. Some features have a steeper learning curve than expected, and occasional false positives still require manual review. Reporting could be more streamlined and visually modern. These are not deal breakers, but they do add friction to day-to-day administration.
What problems is the product solving and how is that benefiting you?
I use Mimecast Advanced Email Security to block phishing, malware, and impersonation attacks. It reduces spam, improves inbox hygiene, and offers policy control over URLs and sender behavior, boosting our compliance with archiving and ediscovery tools.
Ravishankar KumarPatel
Email defenses have reduced phishing risk and support strong compliance and user awareness
Reviewed on Jun 10, 2026
Review from a verified AWS customer
What is our primary use case?
The primary use cases for Mimecast Advanced Email Security is email security, which focuses on email inspection, phishing, and impersonation detection.
What is most valuable?
Feature-wise, what we normally see as a provider is how well they are aligned with their confidentiality management like DMARC, SPF, and DKIM management. Mimecast Advanced Email Security has been doing an excellent job in that area, as well as the compliance part, including how they do email archival, legal holding, and eDiscovery. Apart from that, they also have features like awareness training and user risk scoring, which definitely helps as a provider to show the complete picture to end customers.
Regarding pricing, Mimecast Advanced Email Security will be at par with Proofpoint. They are not saying they are very cheap; they are a decently premium product in the market. The ROI discussion sometimes wins the conversations. Pricing-wise, they are slightly premium, and that is how everyone has positioned themselves in the market.
What needs improvement?
The improvement needed is not necessarily in the product itself, but rather around how other organizations have evolved. The DLP discussion is no longer limited to email; it has gone to border level with companies like Zscaler, Netskope, and Palo Alto giving the complete full-stack SASE setup. When somebody has a SASE setup, then Mimecast Advanced Email Security DLP might not even be needed at a point in time. Mimecast Advanced Email Security needs to improve in this area because they are only focusing on a particular set of problems which is on email and human risk, whereas companies that need a slightly bigger picture will look elsewhere.
The second thing is when you buy an XDR provider, they give you a complete holistic story around it, showing what has happened, which email somebody has clicked on, whether there have been any changes, and whether there is any network activity. You get a holistic picture. When pushing Mimecast Advanced Email Security to end customers, people are more often saying that they would rather buy XDR from another provider because the story when an analyst sees is complete in terms of what they see, whereas they only get an email story from Mimecast Advanced Email Security. Mimecast Advanced Email Security has to improve there. Companies like Abnormal AI cover more on UEBA and user behavior, and there are many things for Mimecast Advanced Email Security to improve in this area as well.
It is less of a technology issue; they are doing very well on email. The conversation for them to have is on how to get into a broader level or how to get a tie-up to become a broader supplier. At least from a service provider landscape, I can say that.
For how long have I used the solution?
I have been working with Mimecast Advanced Email Security for probably three to five years.
What do I think about the stability of the solution?
Mimecast Advanced Email Security is a good product and is very stable.
What do I think about the scalability of the solution?
Mimecast Advanced Email Security is definitely scalable, and we are deploying it in very large environments.
How are customer service and support?
The customer service is good. Normally as a service provider, we do have our in-house support and we manage most of the things in-house, but if we need help, they are great. They are not like Microsoft, but they are great at it. They respond properly and try to help wherever they can.
How was the initial setup?
The setup is straightforward.
What about the implementation team?
We do in-house deployment.
What was our ROI?
The ROI is more around whether they are able to reduce the risk dramatically. The ROI which companies see should be able to justify buying Mimecast Advanced Email Security. It is acceptable. I cannot say that it is cheaper, but definitely it is on a decent side. People can buy it. It is not very costly. The ROI is decent and they can definitely invest in it.
What other advice do I have?
DLP is part of most of the compliance journey for most organizations because it helps identify the PII data which normally gets sent. Sometimes you have to send it, and you have no other choice than the option of masking the data. It is this kind of a filter where you have an option to identify whether there are any passport details, customer PII data, or any source code. You have an option to hold it or encrypt it if you need to. If you still have to send it, you can encrypt and send it. You can notify your security team to check it and all that. These are features which most DLP has, and even Proofpoint has similar features.
They are being pretty happy with Mimecast Advanced Email Security. The policies are decently researched and marked. They are happy and at the same time, with some of the features, they have the option to customize. That is where service providers like us come into the picture. We help them customize few of the policies, but apart from that, they have been very strong in terms of the policies and their processes.
It will be straightforward. Since you have email security, you get a decent number of emails without phishing and BEC risk. They reduce dramatically. Email availability and business communication continue uninterrupted, so you have email continuity in your picture. Compliance, as I mentioned, the litigation hold and eDiscovery helps them maintain compliance. I have seen that being utilized by a few of our legal clients. For them, it is very useful. Data leakage is reduced; if you have an option to block something, encrypt it, mask it, or block it, you have less risk of data leakage. User security awareness is also important. They do have phishing simulation and security awareness trainings that help reduce human errors and maintain user risk scores.
The primary thing which comes when I suggest is that people mostly go for email security features. I would still recommend people to start with their DMARC analyzer. Start from there, start your authentication, get the authentication methodology right, get the process right, and then followed by taking a product like Mimecast Advanced Email Security. I have been in this field for ten years, and in Microland, I have been for three years. Overall, I would give this product a rating of eight point five.
Jissel Q.
Essential Email Security with Seamless Outlook Integration
Reviewed on Apr 29, 2026
Review provided by G2
What do you like best about the product?
I like the ease of use of Mimecast Advanced Email Security and how well it integrates with Outlook. Having a tool that makes security easy and can be used with our other software is essential. The initial setup was also easy.
What do you dislike about the product?
It may block emails I expect to receive, but I prefer it this way for security.
What problems is the product solving and how is that benefiting you?
I use Mimecast Advanced Email Security for secure inbox monitoring and training. It filters security threats and integrates with Outlook easily, making security management simple and effective.
Jaylen J.
Highly Effective Spam Email Targeting
Reviewed on Apr 21, 2026
Review provided by G2
What do you like best about the product?
the ability to target emails that are spam
What do you dislike about the product?
sometimes it doesnt get all the spam emails
What problems is the product solving and how is that benefiting you?
incoming traffic management
Tristan R.
Reliable, Intuitive Spam Filtering with Strong Weblink Protection
Reviewed on Apr 07, 2026
Review provided by G2
What do you like best about the product?
I appreciate the intuitive spam filtering - this greatly reduces the junk mail in my inbox. The spam filter is reliable, and I receive a reminder email each day that I still have messages "on hold" in moderation.
I am glad there is an automated feature that allows me to block senders or domains, but also allows me to permit senders or domains. This is very helpful to reduce the time I spend moderating emails.
Another feature I really like is the protection with weblinks. The security with the weblinks also integrates with Teams, so I know I am covered in both Outlook and Teams.
I am glad there is an automated feature that allows me to block senders or domains, but also allows me to permit senders or domains. This is very helpful to reduce the time I spend moderating emails.
Another feature I really like is the protection with weblinks. The security with the weblinks also integrates with Teams, so I know I am covered in both Outlook and Teams.
What do you dislike about the product?
One downside is the time it takes to receive security codes for weblinks.
What problems is the product solving and how is that benefiting you?
Mimecast keeps up with the bots and scammers by outsmarting them. It has helped protect me from phishing attempts, and it saves me time by filtering out spam.
Jeremy A.
Great Configurability, Needs Better API Integration
Reviewed on Mar 17, 2026
Review provided by G2
What do you like best about the product?
My favorite thing about Mimecast Advanced Email Security is the relationship with our CSR, Brett Lenzi, who always jumps into support tickets, escalates them, and is a constant good-will advocate for us. I like how rules are easily configurable and the platform is always coming out with improvements. I appreciate the creation of custom rules to block new phishing patterns or suspicious domains and the ability to fine-tune filtering based on our specific environment, like by department. The intuitive rule building interface allows me to quickly make adjustments, and I find it valuable that we're continually working to reduce false positives via allow-lists and block-lists.
What do you dislike about the product?
We really need an API solution - we are missing out on connecting some services due to lack of API integration - MX records are really a legacy method. Limited automation capabilities - we can't programmatically pull email security metrics into our centralized security dashboards or SIEM platforms. Manual reporting processes - security incident data has to be manually exported rather than automatically fed into IR workflows. Disconnected threat intel - can't easily correlate Mimecast threat data with other security tools to get a full picture of attack campaigns. User provisioning inefficiencies - onboarding new employees or managing departing staff, we have to manually update policies rather than integrating with our identity management system via M365. The mx record approach limited my ability to create the interconnected security ecosystem that modern organizations need. API connectivity would broaden the efficacy of the overall impact of email security within the security stack.
What problems is the product solving and how is that benefiting you?
I use Mimecast Advanced Email Security to secure our email operations. It allows me to create custom rules to block phishing patterns and fine-tune filtering for our specific environment, reducing false positives. The intuitive rule-building interface lets me make quick adjustments.
Aaron V.
Customizable Email Security Policies That Protect Against Many Threats
Reviewed on Feb 04, 2026
Review provided by G2
What do you like best about the product?
It offers a wide range of email security policies with a strong level of customization. We’re able to protect our environment against many different types of threats, including dangerous malware, phishing attacks, impersonation attacks, and more.
What do you dislike about the product?
The interface isn’t very intuitive, and it can be a bit difficult to navigate through all of the policies and find exactly what I need. Customer support has been hit or miss as well. Sometimes I get good support, but other times it’s been difficult and lengthy to get my issues resolved.
What problems is the product solving and how is that benefiting you?
It solves my email security needs. I require a strong security platform to protect me from spam and phishing attacks, and this helps with that.
reviewer2500197
Email security has protected critical communication but hyperlink handling still needs improvement
Reviewed on Jan 21, 2026
Review from a verified AWS customer
What is our primary use case?
Securing the mail communication.
How has it helped my organization?
Biggest benefit would be filtering everything that is either spam or a threat before reaching users mailboxes.
What is most valuable?
Filtering from threats before emails are reached mailboxes.
URL protection and sandboxing. Potentially dangerous links are open in Sandbox rather than in user's web browser further helping with potential threats.
What needs improvement?
Allow modification of potentially dangerous hyperlinks to be converted into either text or image instead of rejecting the message.
For how long have I used the solution?
I have been dealing with Mimecast Web Security for more than five years.
What do I think about the stability of the solution?
Relatively stable with minimum issues. However, there were a few in the past caused a lot of headache.
What do I think about the scalability of the solution?
From what I've seen from the MSP, it seems quite complicated to manage the configuration itself, but since I am not using the product as an admin, I can't answer it definitively.
How are customer service and support?
I have not dealt directly with Mimecast Web Security's technical support; whenever we have a problem or something needs to be changed, I reach out to my MSP.
What about the implementation team?
I did not purchase Mimecast Web Security through the AWS Marketplace because it goes through my MSP.
What was our ROI?
In general, I can't comment on ROI with Mimecast Web Security since I never worked without mail security application. I can't quantify the time I would need to spend on fixing issues or dealing with threats without Mimecast.
What's my experience with pricing, setup cost, and licensing?
MSP in charge for setup etc. Costing seems similar to other evaluated solutions.
Which other solutions did I evaluate?
Mimecast was chosen by MSP who is also providing full support for us with the product. However, we as a company are evaluating various solutions which can provide better value to us either directly or indirectly via MSP. Mimecast seems to be heavy on configuration rather than using a user behaviour compared to alternatives we were presented.
What other advice do I have?
We have been using Mimecast Web Security for quite a lot of years. Regarding the analytics part you asked and what metrics are most valuable for monitoring web activities in our case, we am not dealing with the monitoring; that's our MSP who does the majority of the monitoring on our behalf.
Regarding the reporting part, I have seen the original reports from Mimecast Web Security, which seem to be quite heavy in terms of information. With the MSP, we are just reviewing and discussing what is necessary. If there is a concern, that is dealt with MSP immediately rather than waiting for formal conversations. However, I think the Mimecast report is fine and easy to read.
It is hard for me to say whether the installation is easy or complex, as I wasn't involved; it was done by our MSP. I am the end customer of Mimecast Web Security, not a consultant.
KishoreSugumar
Email security has protected data and now simplifies archiving and prevention workflows
Reviewed on Dec 19, 2025
Review provided by PeerSpot
What is our primary use case?
I have been working with Mimecast Email Security.
What is most valuable?
The functionality, including email archiving and data loss prevention features, is adequate. Mimecast Email Security offers certain features inherent to the product which are beneficial. In case of additional needs, I explore further customization.
What needs improvement?
There is room for improvement since new threats are emerging. Considering the availability of new features would be worthwhile. Mimecast Email Security is somewhat expensive compared to the competition in the Indian market, and the local presence is lacking as they do not have a local representative currently.
For how long have I used the solution?
I have been working with Mimecast Email Security for approximately seven months.
What do I think about the stability of the solution?
Currently, I am not facing any issues with Mimecast Email Security. If something comes up, I will be keen on exploring other products.
What other advice do I have?
I have been satisfied with Mimecast Email Security as a good solution. However, if I need anything additional, I will surely explore what can be done on that. I would rate this product nine out of ten.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Ajay S.
Robust Email Security Made Simple and Effective
Reviewed on Dec 16, 2025
Review provided by G2
What do you like best about the product?
Mimecast Advanced Email Security stands out for its strong protection against phishing, malware and impersonation attacks while remaining easy to manage. The interface is intuitive, making daily monitoring, policy updates and threat investigation straightforward even for small security teams.
Implementation is smooth and well-documented, with minimal disruption to existing mail flow. Integration with M465 is seamless and features like URL protection, attachment sandboxing and impersonation protection work effectively out of box.
Implementation is smooth and well-documented, with minimal disruption to existing mail flow. Integration with M465 is seamless and features like URL protection, attachment sandboxing and impersonation protection work effectively out of box.
What do you dislike about the product?
Mimecast Advanced Email Security is a powerful platform, the interface can feel complex at times, especially for new administrators. Some settings are deeply nested, which can make advanced policy tuning and troubleshooting less intuitive.
What problems is the product solving and how is that benefiting you?
Mimecast Advanced Email Security addresses critical email-based threats such as phishing, spear- phishing, malware, ransomware and business email compromise. By providing advanced threat detection, URL and attachment analysis and impersonation protection, it significantly reduces the risk of users falling victim to malicious emails.