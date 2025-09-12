Sublime Security released the Autonomous Detection Engineer (ADÉ), an end-to-end AI agent that turns attack telemetry into transparent and auditable protection that security teams can trust.

Email attacks are advancing as adversaries weaponize generative AI to create highly targeted and rapidly shifting campaigns. Unlike traditional solutions which rely on vendor-initiated coverage updates, ADÉ analyzes new attack patterns to write, test, and validate new tailored coverage. It analyzes historical data at scale, iterates on detection strategies, and submits high-efficacy protections for human review, cutting detection timelines from weeks to hours.

“A key problem organizations face is the speed at which their defensive solutions can adapt and respond,” said Josh Kamdjou, CEO of Sublime Security. “With ADÉ, we’re now offering a team of AI Agents that autonomously generate clear, evolving protections against new attacks within hours, not weeks. Together with ASA, Sublime’s Autonomous Security Analyst, ADÉ provides enterprises with defenses that adapt as quickly as attackers, while preserving the visibility and control that matter most.”

ADÉ is part of a multi-agent system in Sublime’s Platform which is built on four key functionalities to keep human analysts informed, in control, and armed with the insights they need most:

Deep analysis: ASA triages suspicious or user-reported emails and produces a behavioral analysis based on the attack’s Tactics, Techniques, and Procedures.

Detection Engineering: Using ASA’s findings, ADÉ creates deterministic, behavioral, AI-powered detections using Sublimeʼs proprietary Message Query Language (MQL).

Smart refinement and validation: Before any proposal is deployed, ADÉ backtests it across historical data at scale to validate precision, reduce false positives, and confirm that similar past attacks would have been stopped.

Human approval: Analysts remain in control, with the ability to review and approve ADÉ’s recommendations with full visibility into its rationale.

ADÉ is designed to be explainable and transparent, providing learning opportunities for human analysts by generating a summary of detections as new attacker techniques emerge and building processes that explain how it tackled the problem from end-to-end. Protections are environment-specific and developed through a closed-loop system that is constantly learning and improving, avoiding one-size-fits-all updates.

“What’s compelling about ADÉ is the shift from static defenses to a system that actively improves our specific coverage,” said Roger Allen, Senior Director, Global Head of Detection and Response at Sprinklr. “The promise of an agent continuously tailoring and backtesting new protections for our environment is a force multiplier. It means our defenses don’t just work, they evolve—we get the benefit without having to do the work.”