Faster detection, fewer threats, zero compromise

Email and collaboration suites remain the top entry point for attackers—and while it can often feel like the target is the inbox, the reality is that it's the human behind it. A successful phish is just the beginning: credential harvesting, lateral movement, and privilege escalation follow. 

Today's threats are layered, adaptive, and AI-powered, engineered to outpace humans and the defenses built into the platforms most organizations already rely on. The answer can't be more complexity or yet another tool bolted onto an already strained stack. 

That’s why this March, Mimecast is introducing a new wave of threat protection capabilities built around what our customers have told us they need most: freedom of choice, simplicity, and efficacy. Here's what's new, and why it matters.

Freedom of choice: advanced protection, your way

Every organization has a different environment. Not every organization should have to compromise on protection because of it. That's why Mimecast's flagship email security platform is now available through API-based deployment—bringing full enterprise-grade protection to organizations wherever they are. Whether you deploy via API or MX, you get the same detection stack, the same threat intelligence, the same AI platform, the same console. The architecture flexes. The security doesn't.

This matters because native email defenses can now cover the baseline well, but threat actors are specifically trained and specialized on how to bypass them, and baseline security just isn’t enough. Processing over 1.7 billion emails daily across over 43,000 organizations, Mimecast's AI platform continuously learns across the full threat spectrum—delivering API-based detection and automated remediation against every threat type: payload-based, payloadless, and unwanted emails. It's a depth of coverage few competitors can match.

Simplicity: built in, switched on, outsourced, ready to go

A lot of organizations today favor security that works in the background—invisible, effortless, effective. Mimecast API-based protection was built on that principle. A redesigned policy engine organizes protection around three intuitive threat families—malware, phishing, and spam—with best-practice defaults built in and a catch-all hierarchy that covers every user from the moment the connection is made. No complex tuning required.

Operational simplicity is also the philosophy behind Mimecast Email Incident Response (MEIR), our managed service that looks after user-reported messages. Since January, AI automatically surfaces related phishing campaigns the moment a new one is flagged—collapsing a manual, hours-long process into a single click. Auto-classification of non-urgent emails has jumped 41%, and messages are triaged and supported 24/7 by the Mimecast SOC. The outcome: an 82% reduction in mean time to respond and 78% reduction in mean time to resolve—not by replacing analysts, but by using smart AI to our advantage to change what they need to focus on.

Account Takeover Protection extends that simplicity to one of the hardest threats to detect. With attackers averaging 24 days inside a compromised environment (Verizon DBIR), fast visibility is everything. Mimecast automatically flags anomalous behavior—unexpected logins, outbound phishing campaigns being launched, suspicious IP addresses being used—and surfaces those accounts directly, even into your existing SIEM and SOAR workflows if needed. Because ATO isn't an edge case—it's a baseline threat—we have included this functionality at no additional cost on Critical, Advanced, and Premium plans.

Efficacy: intercorrelated detection that catches what others miss

Modern phishing attacks are engineered to evade. Attackers deliberately fragment signals across senders, domains, URLs, and content—knowing tools that scan each layer in isolation will miss what only becomes visible when those signals are read together. Our Multi-Vector Threat Protection was built on exactly that insight, deepening correlation across over 40 inspection layers to surface the malicious patterns attackers work hardest to obscure.

The results are concrete: in a controlled rollout across 20% of our customer base, Multi-Vector Threat Protection detected three million additional multi-vector phishing messages in just a few months—at a false positive rate below 0.002%. Catching more while alerting less noise is the standard security teams need. Multi-Vector Threat Protection is now enabled by default for every Mimecast Email Security customer globally, with every detection surfacing automatically in Analysis & Response under a dedicated Multi-Vector subcategory—giving teams the context to understand exactly what was caught and why.

Threats don't stop at language barriers, and neither do we. Advanced BEC Protection now covers over a dozen additional languages, delivering consistent, high-efficacy detection to every corner of your global workforce.

The bigger picture

Securing the email inbox and collaboration tools is where protection starts, not where it ends.

Every threat that targets a user creates a signal: about their exposure, behavior, and risk profile. Mimecast Threat Protection is the first layer of a broader strategy—one that connects email and collaboration security to security behavior management, data protection from insider risk, and governance across the entire digital workforce. When a user clicks a suspicious link, falls for a simulation, or triggers an anomalous login, that event feeds our Human Risk Command Center that scores, adapts, and responds—helping security teams focus on the humans who need attention most, before the next attack finds them.

The capabilities announced this spring—flexible API-based deployment, AI-powered incident response, account takeover alerting, intercorrelated multi-vector detection—are powerful on their own. But together, they're about how Mimecast is redefining what it means to secure the human layer at enterprise scale.

Attackers are getting smarter. Your defenses should too—with Mimecast, they already are.

See a demo video or request more information →