Solutions
Platform
Community
Sublime enables security teams and researchers to share rules publicly or privately to detect email attacks and hunt for threats.
Detection rules contributed to the public Sublime Rules Feed are available to all users. Submissions are vetted by the Sublime team.
Collaborate peer-to-peer or run rules vetted by Sublime
Filename w/ Right-to-Left Override Unicode
Submitted by:
@vector_sec
Link to download encrypted zip with ISO
Submitted by:
@ajpc500
Malicious OneNote attachment
Submitted by:
@Kyle_Parrish_
Subscribe to rules created by industry experts
Share detections publicly or privately via Git
Receive new rules and updates automatically
Stay ahead of attacker adaptation
Sublime Feeds are Git-backed, and subscriptions are kept automatically up to date.
Write and run custom rules. You control if, when, and how they’re shared.
Submit your rules to the public Sublime Rules Feed or share privately with anyone.
Your rules will block phishing attacks for Sublime users around the world.
Detection rules have been contributed both publicly and privately by Global 2000 security teams and independent researchers.
Deploy and integrate a free Sublime instance in minutes.
For organizations of any size. First 100 mailboxes free.
Limited to 600 active mailboxes. View Docker Guide.
Scales to any number of mailboxes. View AWS Quickstart
Coming Soon!