Sublime Platform
by Sublime Security
Overview
An open, adaptable email security platform for writing, running, and sharing custom detection and response rules to block phishing attacks, hunt for threats, and more.
Why?
Traditional email security is a one-size-fits-all black box.
The Sublime Platform gives defenders control over their email environment and uses an intuitive, interoperable, purpose-built domain-specific language (DSL).
Setup
curl -sL https://sublime.security/install.sh | sh
Detection rules
Open-source detection rules are maintained in the sublime-rules repo.
Learn more
- Sublime overview
- Docs
- Message Query Language (MQL) reference - Sublime's DSL purpose-built for email analysis
- Release log