Sublime Security
AI-powered platform for security teams to detect, triage, and adapt defenses against email threats

Valuation: $926.00M (2025)

Funding: $243.80M (2025)

Details

Headquarters: Washington, DC
CEO: Josh Kamdjou

Milestones

Founding year: 2019

Valuation

Sublime Security closed a $150M Series C in October 2025 at a post-money valuation of approximately $926M. The round was led by Georgian with participation from Avenir, 01A, Index Ventures, IVP, Citi Ventures, Slow Ventures, and Decibel Partners.

The company previously raised a $60M Series B in December 2024, bringing its total disclosed funding to $93.8M at that time. Earlier rounds included a $20M Series A led by Index Ventures and smaller seed funding from investors including BoxGroup.

With the Series C, Sublime has now raised a total of $243.8M in disclosed funding.

Product

Sublime Security is a programmable email security platform that sits on top of Microsoft 365, Google Workspace, or any IMAP mail server. The system copies each incoming message via journaling APIs or Graph/Gmail APIs into its processing pipeline.

Each message is parsed into a structured JSON format called the Message Data Model. Security teams write rules using Sublime's Message Query Language, an SQL-like language tailored to email content, headers, attachments, and metadata.

The platform combines multiple AI engines to detect threats. Natural language models analyze business intent, urgency, and sentiment to detect text-only business email compromise attacks that contain no malicious links or attachments. Computer vision models identify fake logos, QR codes, and obfuscated text within images.

Sublime provides autonomous AI agents. The Autonomous Security Analyst handles user-reported phishing by automatically triaging messages, running detonations, determining if threats are malicious, quarantining dangerous emails, and responding to users. The Autonomous Detection Engineer reviews missed attacks, analyzes telemetry data, drafts new detection rules, tests them against historical data, and submits them for approval.

Security teams can operate in guided mode by approving suggested rules with one click, or in advanced mode where they write custom detection logic and push it to production within minutes. The platform includes threat hunting capabilities that let analysts pivot from ad-hoc searches to permanent detection rules.

Business Model

Sublime operates a B2B SaaS model targeting enterprise security teams with subscription pricing based on the number of protected mailboxes. The platform deploys either as a cloud service or through self-managed Docker containers for regulated customers requiring on-premises deployment.

The company maintains an open-source component with MIT-licensed detection rules that creates a community-driven development model. Over one-third of Sublime's default rule catalog comes from community contributions, effectively turning the open-source ecosystem into a lead generation engine while improving threat detection across all customers.

Sublime's cost structure includes cloud infrastructure and AI model inference costs, but benefits from economies of scale as more customers contribute to the shared threat intelligence. The platform's rule-based approach allows customers to audit every blocking decision, making it particularly attractive to compliance-heavy industries that need transparency in their security tools.

The business model creates strong retention through workflow integration and the accumulation of custom detection rules that become increasingly valuable over time. Enterprise customers typically expand their usage as they deploy Sublime across more business units and integrate it deeper into their security operations workflows.

Competition

AI-native email security platforms

Abnormal Security leads this category with over $200M in ARR and a $5B valuation following recent funding rounds. The company leverages behavioral baselines across 65,000+ tenants but operates with closed detection systems that customers cannot modify.

Material Security focuses on post-compromise controls with message redaction and MFA gating capabilities. The company reached unicorn status but has been slower to deploy LLM-specific detections compared to newer entrants.

IRONSCALES serves over 17,000 customers with a focus on user-reported phishing and AI clustering, often winning mid-market deals on price but lagging in detection quality for novel AI-generated attacks.

Legacy security incumbents

Proofpoint dominates the traditional secure email gateway market with massive data processing capabilities handling 2.8 trillion emails daily. The company has acquired AI capabilities through deals like Tessian but faces slower innovation cycles due to integration with broader security suites.

Mimecast serves 42,000 customers and 26 million users but similarly struggles with the transition from gateway-based to API-driven cloud email security. Both incumbents have strong channel relationships but less flexibility in detection customization.

Microsoft's native email security within Office 365 creates a significant competitive moat through bundling, though enterprises often seek additional layers of protection for advanced threats that bypass Microsoft's built-in filters.

Specialized security vendors

Valimail has carved out a strong position in DMARC authentication and email deliverability, growing 43% year-over-year by focusing on specialized compliance needs rather than comprehensive threat detection.

Companies like Lacework demonstrate the broader trend toward AI-driven security automation across cloud environments, showing how machine learning can reduce manual security operations beyond just email protection.

TAM Expansion

Multi-channel threat defense

Sublime's AI agent framework could extend beyond email to secure Microsoft Teams, Slack, Zoom Chat, and SMS communications. These channels face similar phishing and social engineering attacks but often lack mature detection capabilities.

Expanding into collaboration platforms could increase average contract values by 25-30%, as integrated communication security typically carries higher pricing than email-only solutions. Microsoft's rollout of Teams phishing protection indicates demand and vendor investment in this category.

The same Message Query Language and autonomous agent architecture could adapt to different communication formats while using existing customer relationships for cross-selling.

GenAI security and data loss prevention

Corporate adoption of generative AI tools creates new attack vectors including prompt injection, shadow AI data leakage, and compromised Copilot agents. Sublime's policy-based detection engine could identify these threats using similar pattern recognition techniques.

Microsoft's introduction of AI web category filters in Entra signals growing budget allocation for GenAI security controls. Sublime could address this spend by extending its platform to monitor AI tool usage and data flows.

Regulatory requirements create demand for auditable controls around AI tool usage and sensitive data exposure through generative AI platforms.

Mid-market and regulated verticals

Sublime's transparent, rule-based detection aligns with compliance-heavy industries including finance, energy, and utilities that must audit security decisions. The company reports a zero enterprise churn rate, a signal of product-market fit that could replicate in smaller market segments.

The open-source community model and self-hostable options reduce barriers to entry for cost-conscious mid-market customers while maintaining upsell potential to enterprise features.

Geographic expansion into markets with strict data residency requirements could use Sublime's self-managed deployment options and transparent detection logic to compete with cloud-only competitors.

Risks

AI detection arms race: Attackers are increasingly using large language models to generate more sophisticated phishing. Sublime will need to continuously advance its detection capabilities to keep pace with AI-generated threats. The company's effectiveness depends on maintaining more effective AI models than those used by cybercriminals, which requires ongoing technology and R&D investment.

Microsoft competitive response: Microsoft's position in enterprise email through Office 365 gives it advantages in developing native security features that could reduce demand for third-party solutions. If Microsoft substantially improves built-in email security or restricts API access, it could limit Sublime's market opportunity and shift customers toward bundled solutions.

Talent concentration risk: Sublime relies on specialized AI and cybersecurity expertise in a highly competitive talent market. The ability to attract and retain engineers and security researchers affects product development speed and detection accuracy, while competitors with larger budgets may hire away key personnel or outbid for critical hires.

DISCLAIMERS

This report is for information purposes only and is not to be used or considered as an offer or the solicitation of an offer to sell or to buy or subscribe for securities or other financial instruments. Nothing in this report constitutes investment, legal, accounting or tax advice or a representation that any investment or strategy is suitable or appropriate to your individual circumstances or otherwise constitutes a personal trade recommendation to you.

This research report has been prepared solely by Sacra and should not be considered a product of any person or entity that makes such report available, if any.

Information and opinions presented in the sections of the report were obtained or derived from sources Sacra believes are reliable, but Sacra makes no representation as to their accuracy or completeness. Past performance should not be taken as an indication or guarantee of future performance, and no representation or warranty, express or implied, is made regarding future performance. Information, opinions and estimates contained in this report reflect a determination at its original date of publication by Sacra and are subject to change without notice.

Sacra accepts no liability for loss arising from the use of the material presented in this report, except that this exclusion of liability does not apply to the extent that liability arises under specific statutes or regulations applicable to Sacra. Sacra may have issued, and may in the future issue, other reports that are inconsistent with, and reach different conclusions from, the information presented in this report. Those reports reflect different assumptions, views and analytical methods of the analysts who prepared them and Sacra is under no obligation to ensure that such other reports are brought to the attention of any recipient of this report.

All rights reserved. All material presented in this report, unless specifically indicated otherwise is under copyright to Sacra. Sacra reserves any and all intellectual property rights in the report. All trademarks, service marks and logos used in this report are trademarks or service marks or registered trademarks or service marks of Sacra. Any modification, copying, displaying, distributing, transmitting, publishing, licensing, creating derivative works from, or selling any report is strictly prohibited. None of the material, nor its content, nor any copy of it, may be altered in any way, transmitted to, copied or distributed to any other party, without the prior express written permission of Sacra. Any unauthorized duplication, redistribution or disclosure of this report will result in prosecution.