Sublime Email Security Platform logo

    Sublime Email Security Platform

    Sublime stops more email attacks with less work. Our agentic platform protects, adapts, and responds in real-time, eliminating vendor bottlenecks.

    Ratings and reviews

    4.8
    34 ratings
    3 star
    2 star
    1 star
    94%
    6%
    0%
    0%
    0%
    1 AWS reviews
    |
    33 external reviews
    External reviews are from G2  and PeerSpot .

    Filters

    Review type

    AWS Marketplace reviews
    External reviews
    Reviews (34)
    AmitRathod

    Automated policies have protected our email channels and reduced phishing risks every day

    Reviewed on Jul 13, 2026
    Review provided by PeerSpot

    What is our primary use case?

    I currently use Sublime Security to restrict phishing campaigns occurring in my organization, as it detects suspicious indicators such as domain impersonation, automatically flags, and remediates those messages before user interaction. To restrict user interaction, I use Sublime Security here.

    My organization specializes in email-related security, so we exclusively use Sublime Security without using Microsoft Defender.

    What is most valuable?

    What I like the most about Sublime Security is that it automatically analyzes and remediates suspicious emails reported by the AI agents, allowing security teams to write custom organization-specific policies according to their needs. It converts threat handles into automatic decisions, uses MQL, and monitors and blocks outbound email containing sensitive information or user data, helping organizations prevent leaks related to email.

    What needs improvement?

    One issue I dislike about Sublime Security is that it requires expertise in MQL, which took my organization almost two months to learn. I initially took help from a vendor but later needed customization, meaning I had to learn the MQL language myself, which was challenging since none of my five to six engineers knew how it worked beforehand. Additionally, while Sublime Security mainly focuses on email defense systems, it does not protect other tools like Microsoft Teams, OneDrive, or Zoom. It would be beneficial if it could be used for other tools configured with emails. I also found limitations in its integration with specialized tools, requiring customized API solutions for end-to-end data capture.

    For how long have I used the solution?

    I have been using Sublime Security for the last eight months, and it is a one-time configuration, so I do not need to use it again and again. I simply enjoy its automation directly.

    What do I think about the stability of the solution?

    Regarding stability, I can say that I have not faced any lagging, crashing, or downtime issues, so I would score it full marks since there have been no problems until now.

    What do I think about the scalability of the solution?

    Concerning scalability, I am getting a large volume of emails daily, around one thousand to one thousand five hundred per mailbox, indicating that it has good scalability since I have not encountered any issues.

    How are customer service and support?

    I contacted technical support because there were some emails that could not be identified due to phishing. I contacted the team and learned that I missed some configurations on my end. The technical team helped me greatly, and since then, I have not faced any issues. I need to take care during configuration, refer to their documentation, and ensure everything is set up correctly to avoid future problems.

    Since I contacted support only once and it was helpful, I would give them a score of ten out of ten.

    Which solution did I use previously and why did I switch?

    I cannot provide specifics about other systems I have used before, but I can say that I have encountered approximately forty to sixty phishing emails so far. These include suspicious messages related to financial matters and promotions which Sublime Security has successfully detected to prevent interactions.

    How was the initial setup?

    The initial deployment of Sublime Security was moderate; it was neither particularly difficult nor easy. It was configured by my vendor team and required some MQL expertise alongside some custom API configuration.

    What's my experience with pricing, setup cost, and licensing?

    In terms of maintenance, it requires an annual subscription per mailbox if I want to purchase it at once. If there are no issues, I do not think annual maintenance costs should be necessary since there are no major issues (P1, P2) with Sublime Security.

    Which other solutions did I evaluate?

    I have not used any alternatives, but there is Microsoft Defender, which is an inbuilt tool for Microsoft.

    What other advice do I have?

    In terms of transparency, Sublime Security provides the correct information I require. It also offers usable data and additional solutions for configuration to avoid potential issues, which I appreciate. The transparency is particularly good in terms of knowledge.

    It is very important for my organization that Sublime Security offers reduced vendor dependency when deploying new protections, especially to mitigate phishing risks since I am a security organization. I do not want to face any vulnerabilities, security breaches, or risks related to email, given its central role in my daily interactions. I see Sublime Security as a very important tool that allows me to work without fear of breaches.

    I have installed only one AI agent, ASA, which stands for Autonomous Security Analyst. This agent analyzes and remediates dangerous or suspicious emails reported from other mails. So far, I have only used ASA, which has been incredibly helpful, but I am not sure about other AI agents since ASA has been my only implementation.

    Regarding the impact of the autonomous detection engineer on my environment's detection coverage, I have not faced any issues, so I cannot comment on its impact at this time.

    I would give Sublime Security an overall review rating of nine out of ten.

    Prajwal Chougale

    Advanced email defenses have reduced phishing false positives and improved SOC investigations

    Reviewed on Jul 07, 2026
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Sublime Security is email security, as it provides an AI-powered email security platform designed to manage all the emails coming to the organization, which is comparable to other email security tools available, allowing us to detect phishing attacks using different rules.

    Regarding my main use case for Sublime Security, we mainly use it as an email security tool, which is customizable with detection logics and automation capabilities that help us understand why emails are flagged, enabling organization-specific detections.

    What is most valuable?

    The best features of Sublime Security include its seamless integration with Microsoft 365, which can be set up easily within three to four hours, the built-in detection rules that are effective against phishing, and its ability to reduce false positives compared to Microsoft Defender.

    The customization and threat hunting features of Sublime Security have helped my team by allowing us to create specific detection rules for quarantined emails and alerting SOC analysts automatically, and one notable instance involved identifying a compromised user through flagged suspicious alerts.

    Sublime Security positively impacts my organization with AI-driven detection that reduces false positives and improves alert severity, providing timely notifications to the SOC analyst if any interaction occurs after clicking a potentially malicious link.

    What needs improvement?

    To improve Sublime Security, I would appreciate better reporting capabilities, as the current reports are too high-level for regular SOC operations.

    Apart from reporting, everything else about Sublime Security is impressive.

    For how long have I used the solution?

    I have been using Sublime Security for more than around 1.5 years.

    What do I think about the stability of the solution?

    Sublime Security is stable, with minimal maintenance times and high reliability, experiencing very few downtimes.

    What do I think about the scalability of the solution?

    Sublime Security's scalability is impressive, accommodating organizations of various sizes and capable of handling growth effortlessly.

    How are customer service and support?

    I raised multiple support cases regarding report availability, and they have been very responsive, showing a commitment to resolving issues.

    I would rate the customer support a 9.5.

    Which solution did I use previously and why did I switch?

    I have exclusively used Sublime Security for this customer, but I have used Avanan and Microsoft Defender for others, and I find Sublime Security to be one of the best tools for email security.

    How was the initial setup?

    The best features of Sublime Security include its seamless integration with Microsoft 365, which can be set up easily within three to four hours.

    What about the implementation team?

    We are customers of Sublime Security, without any other business relationship.

    What was our ROI?

    While quantifying return on investment is challenging, Sublime Security has helped my team by avoiding multiple false positives and facilitating better investigations.

    What's my experience with pricing, setup cost, and licensing?

    My experience with pricing, setup cost, and licensing is limited, but I noticed that Sublime Security was slightly more expensive than Avanan or Defender, as Defender comes included with other Microsoft products, but I believe Sublime Security is value for money.

    Which other solutions did I evaluate?

    Before choosing Sublime Security, we evaluated Avanan and Defender 365, but clients opted for Sublime Security due to its superior detection rules and customer support.

    What other advice do I have?

    If pricing is not an issue, I advise others to go for Sublime Security.

    Reduced vendor dependency in deploying new protections with Sublime Security matters to us as it enhances email classification and security alerts, aiding in the detection of subtle threats.

    The impact of Autonomous Detection Engineer (ADA) on our detection coverage has been significant, blocking over 1,500 to 1,800 emails classified mostly as spear-phishing targeting VIP users.

    As for the AI agents, we have not fully utilized their capabilities yet, relying more on improving detection rules and email classification.

    I rate this product a 9 overall.

    reviewer2809026

    Advanced email rules have improved spam detection and made daily reviews more efficient

    Reviewed on Jul 03, 2026
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Sublime Security is to test how this product works, so I am using this for that purpose.

    For a quick specific example of what I tested with Sublime Security, it detects the emails of the person on this side to check that feature, and there is a feature in Sublime Security that is detection as code, which is an excellent feature that I have noticed in this product. I am talking about eleven hundred, and that detection feature is something where I can explicitly customize mentions of power spam or non-structured email. With our custom permissions, we have it, and getting that notice by word blocking is something very important. It is a great feature that I have been using.

    Regarding my main use case for testing Sublime Security, it is very good, and I fully specify that detection; it is something very extensive with maximum features.

    What is most valuable?

    The best features Sublime Security offers include detection as code, which gives a very powerful feature for users to write rules, custom objects, and the language provides some syntax that is definitely a good feature. The second one is why it detects spam emails or justifies why this is considered spam, which is the second most valuable feature.

    I use the detection as code feature in my day-to-day life, which usually identifies junk emails and spam emails by default with the conditions and the vast dataset it has. Even if some emails may not get into that machine learning dataset, I can describe if it is from an external source and has rewards; I can remove it since it is considered spam. This feature changes the usual segregation and categorization, helping users not fall for known types of emails that the system may not detect. The explanation of justification, instead of just flagging something as spam, gives the user understanding such as, this is not a Google email; we really cannot click on it. It enhances user security, and even if another user sees this type of content based on gesture events for another email, they think not to use the image correctly.

    Sublime Security has positively impacted my organization.

    What needs improvement?

    I would say there are very minimal changes needed regarding Sublime Security; for first-time users, it can be difficult knowing how to write the tool. Having some templates available would improve the experience.

    My advice for others looking into using Sublime Security is that each edition would be helpful for initial users, and users should set templates in, which can be added; right now, I am not trying anything new, as this is cool.

    For how long have I used the solution?

    I have been using Sublime Security for three months.

    What do I think about the stability of the solution?

    Sublime Security is stable; I confirm this.

    Which solution did I use previously and why did I switch?

    I did switch to Sublime Security; it is part of my style of working.

    Which other solutions did I evaluate?

    Before choosing Sublime Security, I evaluated alternatives such as MyCast and Proofpoint, which I refused before finalizing on Sublime Security.

    What other advice do I have?

    Phishing versus phishing detection is also something I find good, and I have mentioned these things already.

    Since I have been using Sublime Security personally, I have noticed specific improvements like fewer spam emails and improved detection, which saves me time. It helps me segregate emails instead of reviewing all things manually, as it detects spam emails. I do not have to go through every email, which makes me very efficient for other tasks. It also shows if some emails are current, and if I am about to register or receive registration links, it tells me why those emails are separated. I understand better instead of reading all the emails, and it summarizes the words or thumbnails of the emails. If an email is considered good, I continue, making my time more efficient.

    Regarding the AI capabilities of Sublime Security, I think for detection, using ML to analyze content is already a feature present in Sublime Security, which also identifies phishing attempts.

    I think Sublime Security shows false positives. I give this review a rating of nine.

    Dhruv Vaghasiya

    Advanced email defenses have reduced phishing incidents and improve response to targeted attacks

    Reviewed on Jun 29, 2026
    Review from a verified AWS customer

    What is our primary use case?

    Sublime Security serves as our primary solution for advanced mail threat detection and response. We use it to identify phishing attempts, business email compromise, malicious attachments, credential harvesting campaigns, and other email-based threats before they reach our end users.

    One recent example involved a phishing campaign targeting our finance team members with fake invoices. Using Sublime Security, we detected suspicious indicators such as domain impersonations, link behavior, and email content patterns, which flagged and isolated the messages before users interacted with them, preventing a potential credential compromise.

    We use Sublime Security daily for monitoring inbound email threats and also for investigating suspicious emails, tuning detection rules, and improving our overall email security posture.

    What is most valuable?

    Sublime Security's best features include advanced phishing detection, custom detection rules, real-time threat analysis, and email behavior analysis.

    The detection engine has made the biggest difference because it catches sophisticated phishing attempts that traditional email security sometimes misses.

    In terms of Sublime Security's impact, it has strengthened our email security posture, reduced the phishing risk, improved response time, and increased confidence in our security controls. It has reduced phishing-related incidents by approximately 60% and makes the investigation and response process faster by around 30 to 40%.

    The Autonomous Detection Engineer has made a noticeable difference because it works far better than normal detection rules, thanks to its AI capabilities and the context it has regarding email threats.

    I find the controllable and transparent AI in Sublime Security regarding its decision-making process and auditability to be excellent, allowing us to control all the security workflows effectively.

    What needs improvement?

    Sublime Security is a great tool, but improvements are needed in areas such as better executive-level summaries, a more advanced reporting dashboard, and more automated remediation workflows. Additionally, integration with security platforms could be more useful.

    The product is already strong from a detection perspective, and most improvements should focus on reporting, automation, and broader integration.

    For how long have I used the solution?

    I have been using Sublime Security for about 11 months.

    What do I think about the stability of the solution?

    Sublime Security has proven to be stable and dependable in our daily operations.

    What do I think about the scalability of the solution?

    Sublime Security's scalability is very good, and it scales well with growing email volume and evolving threat patterns.

    How are customer service and support?

    Our customer support has been responsive and technically knowledgeable, leading to a great experience with their team.

    Which solution did I use previously and why did I switch?

    We previously relied on default email security controls and a combination of security monitoring tools because we needed stronger protection against increasingly sophisticated phishing attacks and better visibility into email threats.

    How was the initial setup?

    The setup is relatively straightforward, and the pricing feels reasonable considering the value it provides in preventing phishing and email-based threats.

    What about the implementation team?

    We directly purchased Sublime Security from the vendors.

    What was our ROI?

    The ROI comes from reduced phishing risk, faster incident response, and lower operational overhead, making it a very good investment.

    What's my experience with pricing, setup cost, and licensing?

    On average, Sublime Security has prevented about 200 to 300 malicious emails daily for all users, which equals around 6,000 to 7,000 per month, totaling approximately 60 to 70,000 over the 10 to 11 months we have used it.

    Which other solutions did I evaluate?

    We evaluated Abnormal Security and Microsoft Defender before choosing Sublime Security.

    What other advice do I have?

    Sublime Security is performing well with its SaaS platform, but for enterprise levels, they might need to consider adjustments such as license pricing and setup for on-premises clients.

    My advice to others looking into using Sublime Security is to integrate it fully with your email environment and security workflows and to spend time tuning detection policies early to maximize value and reduce noise, as it is a great tool that provides enterprise-level security.

    I find that the threat detection is accurate and very reliable, with strong detection performance and relatively low false positives, which is vital for operational efficiency.

    I would rate this review a 9 out of 10.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)
    reviewer2805510

    Advanced email protection has enabled us to safeguard partners and reduce costly phishing risks

    Reviewed on Apr 02, 2026
    Review provided by PeerSpot

    What is our primary use case?

    Our main use case is two-fold. Primarily, as a channel partner, our core focus is channel enablement. We actively pitch, demonstrate, and distribute Sublime Security to our partner network, who then deploy it for end-user organizations. Secondarily, we 'drink our own champagne' by running it internally to protect our own business communications.

    When we position it to our partners, we frame it as an advanced email security platform. It goes far beyond traditional junk filtering by actively hunting the sophisticated threats that bypass native defenses—specifically Business Email Compromise (BEC), CEO fraud, invoice scams, fake login pages, and malware attachments.

    How has it helped my organization?

    As a distributor, the positive impact for us is measured by how well the product performs for our partners and their end-users. Sublime Security has been a major positive because it perfectly fits our criteria for 'best-in-breed' solutions. Specifically, it delivers strong ROI, saves employee time, and significantly reduces risk exposure by preventing expensive breaches. Because it checks all these boxes, we've been able to successfully enable our partners across all our regions to confidently take it to market.

    Another major positive is its deployment model. In today's cybersecurity landscape, 'rip-and-replace' is a massive hurdle for buyers. Sublime works flawlessly with existing tools, enhancing a customer's current stack rather than forcing them to rebuild it.

    What is most valuable?

    The standout features of Sublime Security revolve around its ability to catch advanced threats that bypass native defenses. Specifically, it excels at blocking malware attachments and stopping Business Email Compromise (BEC), such as CEO fraud and invoice scams.

    A major advantage is its fast time-to-value because it isn't a rip-and-replace solution. Instead, it acts as a 'smarter layer' that enhances existing protections like Microsoft 365 or Google Workspace. While native security catches the obvious junk, Sublime uses flexible, customizable detection logic to catch the highly sophisticated attacks that easily slip through standard filters.

    Finally, the platform gives you deep visibility and fast search capabilities across all email activity. Without a tool like this, investigations take far too long, and teams lack visibility into what actually breached the inbox. Sublime solves this by offering rapid detection, automated response actions, and the ability to quickly remove malicious emails in bulk.

    What needs improvement?

    Based on the feedback we receive from our partners and their end-users, there are two main areas for improvement: the learning curve and pricing for smaller organizations. First, while the platform is incredibly powerful, it isn't simply 'plug-and-play.' Security teams need to invest time into learning the product to extract its full value.

    Second, the cost can feel a bit steep for small-to-medium-sized businesses (SMBs). However, we always caveat this by looking at the ROI: a single breach could put a small company completely out of business. While the upfront cost might seem high to them, preventing just one catastrophic breach means the tool instantly pays for itself.

    For how long have I used the solution?

    I have been using the solution for eighteen months.

    What other advice do I have?

    On a scale of one to ten, I rate Sublime Security a nine out of ten because I believe there are a couple of negatives regarding scalability for catering to enterprise and small to medium enterprises. Additionally, the product requires a learning phase, and it is not readily usable right away.

    Sublime Security merits this rating because of a couple of changes that need to be addressed. If it catered to both small and enterprise businesses on a pricing scale, it would receive a ten, but it is not far away.

    Kyle B.

    Effortlessly Blocks Malicious Emails, Saves Time

    Reviewed on Feb 23, 2026
    Review provided by G2
    What do you like best about the product?
    I like that the Sublime Email Security Platform is highly automated, which saves us time. We've significantly cut down the hours we used to spend reviewing emails and reported emails, reducing our annual effort by 400 hours. The initial setup was extremely easy.
    What do you dislike about the product?
    I have no complaints at this time.
    What problems is the product solving and how is that benefiting you?
    I use Sublime Email Security Platform to prevent malicious emails, solving the problem of phishing emails reaching users. It's highly automated, saving us time and reducing our email review effort by 400 hours annually.
    Maryam S.

    Robust Malware Protection with Seamless Setup

    Reviewed on Feb 18, 2026
    Review provided by G2
    What do you like best about the product?
    I appreciate the Sublime Email Security Platform for its detection and automation features, especially behavior and content-based detection. The initial setup was great and seamless, making the transition from Minecast very smooth.
    What do you dislike about the product?
    Na
    What problems is the product solving and how is that benefiting you?
    I use Sublime Email Security Platform for malware protection, benefiting from its detection and automation features like behavior and content-based detection.
    Jack G.

    Flexible Detection Rules with Sublime Email Security

    Reviewed on Feb 17, 2026
    Review provided by G2
    What do you like best about the product?
    I appreciate how user-friendly both the UI and API of the Sublime Email Security Platform are, which allows me to create in-depth detections and automations easily. I like that Sublime MQL facilitates deep customization when creating detection rules, capturing specific scenarios with various email attributes. The platform provides complex detection rule creation that would be challenging with other solutions, and it's impressive how the functions in MQL allow for intricate rule construction, down to prevalence within the configured tenant. The powerful language of Sublime provides extensive coverage with its rules, which is another aspect I find valuable.
    What do you dislike about the product?
    Availability of ASA via the Sentinel integration? Allowing the summary to be forwarded to Sentinel.
    What problems is the product solving and how is that benefiting you?
    I use Sublime Email Security Platform for creating complex detection rules efficiently with MQL. The user-friendly UI and API enable seamless detection and automation, and the platform's powerful customization allows specific email scenarios to be captured.
    Jonathan C.

    Powerful and Intuitive Email Security Solution

    Reviewed on Feb 11, 2026
    Review provided by G2
    What do you like best about the product?
    I like how the Sublime Email Security Platform is really intuitive and offers a lot of functionality. The API backend is robust, letting us expand capabilities and add automation. The reporting, hunting, and rule creation journey are great. I also appreciate that the initial setup is really easy.
    What do you dislike about the product?
    Nothing.
    What problems is the product solving and how is that benefiting you?
    I use Sublime Email Security Platform to handle detections and manage coverage effectively. It fills gaps where other tools can't, with powerful MQL for custom rules tailored to our needs.
    John H.

    Accurate Out of the Box, Transparent Detections, and Powerful Automations

    Reviewed on Feb 11, 2026
    Review provided by G2
    What do you like best about the product?
    I like that Sublime has a high degree of accuracy out of the box negating a long tuning process. The regular updates to existing and creation of new core detections keeps us well protected. The ability to create custom detection, create bespoke automations is a massive plus point. I like that the detection logic is transparent, so you always know why something was flagged. The API features also make it simple to integrate into existing workflows and remove repetitive manual tasks.
    What do you dislike about the product?
    Sublime develops and releases new valuable features regularly that we would love to use. Unfortunately, inconsistencies in regional hosting outside of the direct control of Sublime can mean that sometimes these valuable new features don’t appear in our region right away.
    What problems is the product solving and how is that benefiting you?
    Sublime greatly strengthens our overall detection stack by adding defence in depth, its automated remediation of threats and it's automated analysis and remediation of user‑reported phishing significantly reduces manual investigation time whilst maintaining or improving response quality.