Sublime Releases Open Email Security Platform, Attracts Investment -

Sublime has launched an open email security platform that lets anyone write, run and share rules to detect and block email-originated threats, including phishing attacks, the company announced in a prepared statement.

The platform has been in private beta testing for more than a year and is already in use at dozens of organizations, including Fortune 500s, Global 2000s and FTSE 250s, with a 2,500-organization waitlist, the company said.

More Control Over Email

Sublime’s founder and CEO Joshua Kamdjou said that the key was empowering email security professionals everywhere was to collaborate and have more control — from large security teams at well-resourced enterprises to independent researchers and solo defenders.

As Kamdjou explained:

“Security professionals are used to having control and being able to collaborate in every area of security but email. It’s time for that to change. We want to make it easy for anyone to secure their organization from email-based threats, whether you’re a large enterprise, nonprofit or small business. There are so many more bad actors than good guys trying to keep people safe. If we open it up and let everyone contribute, we actually stand a fighting chance.”

Company Touts “Industry Firsts”

Sublime notes that it is changing the way the security community approaches email defense, touting a number of “industry firsts”:

The first open, free and self-hostable email security platform. With one line of code and a Docker instance, anyone can immediately set up Sublime for free in their own environments and start running behavioral rules to block phishing attacks and other email-borne threats. Unlike other email security products which are controlled by the vendor as a black box, Sublime is fully configurable and transparent, with no vendor detection bottleneck.

The first domain-specific language (DSL) purpose-built for email. Sublime’s Message Query Language (MQL) works across Microsoft 365 and Google Workspace, allowing cross-platform collaboration using detection-as-code for detection engineering, threat hunting, and triage.

The first community-powered email security platform. One third of the detection rules in the open source Sublime Core Feed are community-contributed and have already been used to block tens of thousands of phishing attacks across the community. Sharing is peer-to-peer via Git.

The first platform to integrate machine learning with customizable rules in email. Anyone can combine their local domain knowledge with Sublime’s machine learning models including natural language understanding (NLU), computer vision (CV), and more.

EML Analyzer, the first free, public, no-author tool for rapid phishing investigation.

Sublime Secures Funding Boost

Sublime recently raised $9.8 million in funding from Decibel, which led the funding round along with participation from Slow Ventures and others.

The company was created by former Department of Defense offensive security professional Joshua Kamdjou along with co-founder and former Optimizely and Alto growth head Ian Thiel.

Explaining his company’s interest in Sublime, Dan Nguyen-Huu, a partner at Decibel, said:

"Email security has always been a passive wait, see, and catch game with black box software you have no control over. Even if your own security team finds a phishing attack, you’re typically at the mercy of your vendor acting on it. Josh and Ian are turning this paradigm on its head with a fully transparent, self-serve platform that enlists the wisdom of the entire community to tackle email threats proactively. Sublime lets security leads across organizations collaborate for mutual defense."