README.md

Sublime Rules

by Sublime Security

This repo contains open-source rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.

Examples

• HTML smuggling
• VIP / Executive impersonation
• Malicious OneNote files
• Malicious LNK files
• Encrypted zips

Community Rule Feeds

• DelivrTo
• vector-sec
• amitchell516

Learn more

• Blog
• Docs
• Message Query Language (MQL) reference
• Release log

Follow us on Twitter for updates on new rules and detection capabilities.