PlatformAnalysis APIDocsGitHubContact
Log in

Alpha Analysis API

Analyze email with custom rules

Investigate reported phish and analyze downloaded emails using the free

Sublime Analysis API


Use custom or open-source rules to


contact impersonation,

homoglyph attacks,

business email compromise,

and more

Get Started

View rules

Quick Start

# install the Sublime CLI$ pip3 install sublime-cli
# clone our repo of test files, detection rules, and queries$ git clone
# analyze your first message$ sublime analyze -i sublime-rules/emls/reported_phish.eml -r sublime-rules/detection-rules/

Rule CEO Impersonation flagged this message.


Automate reported phish investigations using custom or pre-built queries.


Run custom or community rules to detect phishing attacks like business email compromise and lookalike domains.


Convert raw EMLs and MSGs to a standard JSON data model that's easy to work with.


Find key messages or extract interesting information from a corpus of email messages.

© 2022. Sublime Security, Inc.