Overview
Sublime's agentic platform stops more email attacks with less work. It's team of AI agents work like a digital SOC team in your environment, triaging and blocking advanced threats while adapting protections at adversary speed. It provides full transparency and automation by default, with control on demand for advanced teams, eliminating vendor bottlenecks or one-size-fits-all limits.
Get an AWS Private Offer and speak with the team at sales@sublimesecurity.com
Highlights
- By stopping more attacks and reducing false positives, Sublime delivers a superior autonomous AI experience that requires less work. For advanced teams, the platform is fully extensible, allowing you to author your own detections and hunt for threats with a level of precision that one-size-fits-all solutions can't.
- Block sophisticated threats (BEC, novel phishing, QR-based phishing) and reduce the false positives that waste time and disrupt workflows. Sublime's tailored protections deliver a demonstrably higher catch rate, validated by the world's most demanding security teams.
- Protect Microsoft 365 and Google Workspace accounts with no MX changes. Deploy in Sublime Cloud or self-host on AWS.
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Buyer guide

Financing for AWS Marketplace purchases
Pricing
Dimension | Description | Cost/12 months |
|---|---|---|
Price per Mailbox | Annual price per mailbox starting at | $76.20 |
Vendor refund policy
We do not currently support refunds.
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Sublime Security Support Policy can be found at
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Customer reviews
Advanced email defenses have reduced phishing incidents and improve response to targeted attacks
What is our primary use case?
Sublime Security serves as our primary solution for advanced mail threat detection and response. We use it to identify phishing attempts, business email compromise, malicious attachments, credential harvesting campaigns, and other email-based threats before they reach our end users.
One recent example involved a phishing campaign targeting our finance team members with fake invoices. Using Sublime Security , we detected suspicious indicators such as domain impersonations, link behavior, and email content patterns, which flagged and isolated the messages before users interacted with them, preventing a potential credential compromise.
We use Sublime Security daily for monitoring inbound email threats and also for investigating suspicious emails, tuning detection rules, and improving our overall email security posture.
What is most valuable?
Sublime Security's best features include advanced phishing detection, custom detection rules, real-time threat analysis, and email behavior analysis.
The detection engine has made the biggest difference because it catches sophisticated phishing attempts that traditional email security sometimes misses.
In terms of Sublime Security's impact, it has strengthened our email security posture, reduced the phishing risk, improved response time, and increased confidence in our security controls. It has reduced phishing-related incidents by approximately 60% and makes the investigation and response process faster by around 30 to 40%.
The Autonomous Detection Engineer has made a noticeable difference because it works far better than normal detection rules, thanks to its AI capabilities and the context it has regarding email threats.
I find the controllable and transparent AI in Sublime Security regarding its decision-making process and auditability to be excellent, allowing us to control all the security workflows effectively.
What needs improvement?
Sublime Security is a great tool, but improvements are needed in areas such as better executive-level summaries, a more advanced reporting dashboard, and more automated remediation workflows. Additionally, integration with security platforms could be more useful.
The product is already strong from a detection perspective, and most improvements should focus on reporting, automation, and broader integration.
For how long have I used the solution?
I have been using Sublime Security for about 11 months.
What do I think about the stability of the solution?
Sublime Security has proven to be stable and dependable in our daily operations.
What do I think about the scalability of the solution?
Sublime Security's scalability is very good, and it scales well with growing email volume and evolving threat patterns.
How are customer service and support?
Our customer support has been responsive and technically knowledgeable, leading to a great experience with their team.
Which solution did I use previously and why did I switch?
We previously relied on default email security controls and a combination of security monitoring tools because we needed stronger protection against increasingly sophisticated phishing attacks and better visibility into email threats.
How was the initial setup?
The setup is relatively straightforward, and the pricing feels reasonable considering the value it provides in preventing phishing and email-based threats.
What about the implementation team?
We directly purchased Sublime Security from the vendors.
What was our ROI?
The ROI comes from reduced phishing risk, faster incident response, and lower operational overhead, making it a very good investment.
What's my experience with pricing, setup cost, and licensing?
On average, Sublime Security has prevented about 200 to 300 malicious emails daily for all users, which equals around 6,000 to 7,000 per month, totaling approximately 60 to 70,000 over the 10 to 11 months we have used it.
Which other solutions did I evaluate?
We evaluated Abnormal Security and Microsoft Defender before choosing Sublime Security.
What other advice do I have?
Sublime Security is performing well with its SaaS platform, but for enterprise levels, they might need to consider adjustments such as license pricing and setup for on-premises clients.
My advice to others looking into using Sublime Security is to integrate it fully with your email environment and security workflows and to spend time tuning detection policies early to maximize value and reduce noise, as it is a great tool that provides enterprise-level security.
I find that the threat detection is accurate and very reliable, with strong detection performance and relatively low false positives, which is vital for operational efficiency.
I would rate this review a 9 out of 10.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Advanced email protection has enabled us to safeguard partners and reduce costly phishing risks
What is our primary use case?
Our main use case is two-fold. Primarily, as a channel partner, our core focus is channel enablement. We actively pitch, demonstrate, and distribute Sublime Security to our partner network, who then deploy it for end-user organizations. Secondarily, we 'drink our own champagne' by running it internally to protect our own business communications.
When we position it to our partners, we frame it as an advanced email security platform. It goes far beyond traditional junk filtering by actively hunting the sophisticated threats that bypass native defenses—specifically Business Email Compromise (BEC), CEO fraud, invoice scams, fake login pages, and malware attachments.
How has it helped my organization?
As a distributor, the positive impact for us is measured by how well the product performs for our partners and their end-users. Sublime Security has been a major positive because it perfectly fits our criteria for 'best-in-breed' solutions. Specifically, it delivers strong ROI, saves employee time, and significantly reduces risk exposure by preventing expensive breaches. Because it checks all these boxes, we've been able to successfully enable our partners across all our regions to confidently take it to market.
Another major positive is its deployment model. In today's cybersecurity landscape, 'rip-and-replace' is a massive hurdle for buyers. Sublime works flawlessly with existing tools, enhancing a customer's current stack rather than forcing them to rebuild it.
What is most valuable?
The standout features of Sublime Security revolve around its ability to catch advanced threats that bypass native defenses. Specifically, it excels at blocking malware attachments and stopping Business Email Compromise (BEC), such as CEO fraud and invoice scams.
A major advantage is its fast time-to-value because it isn't a rip-and-replace solution. Instead, it acts as a 'smarter layer' that enhances existing protections like Microsoft 365 or Google Workspace. While native security catches the obvious junk, Sublime uses flexible, customizable detection logic to catch the highly sophisticated attacks that easily slip through standard filters.
Finally, the platform gives you deep visibility and fast search capabilities across all email activity. Without a tool like this, investigations take far too long, and teams lack visibility into what actually breached the inbox. Sublime solves this by offering rapid detection, automated response actions, and the ability to quickly remove malicious emails in bulk.
What needs improvement?
Based on the feedback we receive from our partners and their end-users, there are two main areas for improvement: the learning curve and pricing for smaller organizations. First, while the platform is incredibly powerful, it isn't simply 'plug-and-play.' Security teams need to invest time into learning the product to extract its full value.
Second, the cost can feel a bit steep for small-to-medium-sized businesses (SMBs). However, we always caveat this by looking at the ROI: a single breach could put a small company completely out of business. While the upfront cost might seem high to them, preventing just one catastrophic breach means the tool instantly pays for itself.
For how long have I used the solution?
I have been using the solution for eighteen months.
What other advice do I have?
On a scale of one to ten, I rate Sublime Security a nine out of ten because I believe there are a couple of negatives regarding scalability for catering to enterprise and small to medium enterprises. Additionally, the product requires a learning phase, and it is not readily usable right away.
Sublime Security merits this rating because of a couple of changes that need to be addressed. If it catered to both small and enterprise businesses on a pricing scale, it would receive a ten, but it is not far away.