https://github.com/sublime-security/sublime-platform

A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.
https://github.com/sublime-security/sublime-platform

detection-rules email-security phishing phishing-detection security security-tools

Last synced: 21 days ago
JSON representation

A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.

• Host: GitHub
• URL: https://github.com/sublime-security/sublime-platform
• Owner: sublime-security
• License: mit
• Created: 2021-04-17T17:51:56.000Z (almost 5 years ago)
• Default Branch: main
• Last Pushed: 2025-12-18T16:59:22.000Z (about 2 months ago)
• Last Synced: 2025-12-26T21:12:07.748Z (about 1 month ago)
• Topics: detection-rules, email-security, phishing, phishing-detection, security, security-tools
• Language: Shell
• Homepage: https://sublime.security
• Size: 263 KB
• Stars: 239
• Watchers: 10
• Forks: 26
• Open Issues: 12
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
 

Sublime Platform

==========

by Sublime Security

Overview

---------

A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, and collaborate with the community.

Sublime uses Message Query Language (MQL), a domain-specific language purpose-built for describing behavior in email. MQL is email provider agnostic, enabling defenders to write, run, and share Detections-as-Code.

Learn more about MQL: [Introduction to Message Query Language](https://sublime.security/blog/introduction-to-message-query-language-mql)

Setup

----------

```console

curl -sL https://raw.githubusercontent.com/sublime-security/sublime-platform/main/install-and-launch.sh | sh

```

[View Docker Quickstart](https://docs.sublimesecurity.com/docs/quickstart-docker)

[View other deployment methods](https://sublime.security/start)

Detection rules

----------

Open-source detection rules and links to community Feeds are maintained in the [sublime-rules repo](https://github.com/sublime-security/sublime-rules).

Learn more

----------

- [Docs](https://docs.sublimesecurity.com)

- [API](https://docs.sublimesecurity.com/reference/introduction)

- [Release log](https://new.sublimesecurity.com)

- [Message Query Language (MQL)](https://docs.sublimesecurity.com/docs/message-query-language)