sublime-security/sublime-platform

A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.

Sublime Platform

by Sublime Security

Overview

A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, and collaborate with the community.

Sublime uses Message Query Language (MQL), a domain-specific language purpose-built for describing behavior in email. MQL is email provider agnostic, enabling defenders to write, run, and share Detections-as-Code.

Learn more about MQL: Introduction to Message Query Language

Setup

curl -sL https://raw.githubusercontent.com/sublime-security/sublime-platform/main/install-and-launch.sh | sh

View Docker Quickstart

View other deployment methods

Detection rules

Open-source detection rules and links to community Feeds are maintained in the sublime-rules repo.

Learn more

• Docs
• API
• Release log
• Message Query Language (MQL)