Try our new research platform with insights from 80,000+ expert users

Abnormal Security vs Sublime Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender for Offi...
Sponsored
Ranking in Email Security
1st
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
48
Ranking in other categories
Advanced Threat Protection (ATP) (1st), Microsoft Security Suite (11th)
Abnormal Security
Ranking in Email Security
5th
Average Rating
9.6
Reviews Sentiment
7.9
Number of Reviews
10
Ranking in other categories
Secure Email Gateway (SEG) (1st)
Sublime Security
Ranking in Email Security
23rd
Average Rating
9.0
Reviews Sentiment
7.2
Number of Reviews
1
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Email Security category, the mindshare of Microsoft Defender for Office 365 is 13.1%, down from 19.0% compared to the previous year. The mindshare of Abnormal Security is 7.4%, up from 2.9% compared to the previous year. The mindshare of Sublime Security is 1.3%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Email Security
 

Featured Reviews

Tolu Omolaja - PeerSpot reviewer
Great URL scanning and attachment scanning, but I would like more proactive threat analysis
The two main features that prove most beneficial for us are URL scanning and attachment scanning. URL scanning involves an automatic scan of links and emails. When a user clicks on a link within an email, the system promptly checks the link's safety. If the link is deemed safe, access is granted automatically. However, if it is flagged as unsafe, we receive feedback and notification to caution us about the potentially harmful link. At this point, we are presented with the option to proceed or return. I have personally witnessed the system identify a few unsafe links, making this the primary advantage of using the solution. The second crucial aspect is the scanning of attachments. When an email containing an attachment arrives, we receive a notification of the new email, along with information that the attachment is being scanned for threats. This additional layer of security provides peace of mind for our organization. While Microsoft Defender for Office 365 offers numerous features, these two stand out as particularly impressive and valuable to us.
William Schellhaas - PeerSpot reviewer
Provides comprehensive email security management, effective in detecting a wide range of email threats
The ideal scenario would be for Abnormal Security to work in tandem with Microsoft to analyze incoming emails. This means Abnormal Security would assess emails before they reach my inbox, even if it happens slightly after Microsoft's initial scan. Currently, the process isn't seamless. Microsoft analyzes emails and delivers legitimate ones to my inbox. Abnormal Security then scans these delivered emails, and if flagged as malicious, they disappear. This creates a problem for our ticketing system mailbox, which is a third-party service. Emails sent to the ticketing system address are automatically forwarded by Microsoft. However, if these emails are malicious, Abnormal Security only cleans them from my Outlook mailbox after they've been forwarded. Since we primarily rely on the ticketing system and not the Outlook mailbox, these malicious emails still reach the ticketing system.
LARK IT - PeerSpot reviewer
Easy to setup, stable and highly scalable
The ability for users to look at their own quarantine box needs improvement. So at the moment, it doesn't give you the ability to see every email that has been quarantined. No end-user has the ability to see what's being quarantined. It's only people who have access to the back-end platform that can actually see what has been quarantined. The end user doesn't know if they have an email that has been quarantined, only if they're expecting something that didn't come through. In future releases, I would just like to see that ability for users to see what's being quarantined and what's not quarantined but safe. Just those genuine false positives.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It also gives the vulnerability status according to the versions you have selected. Let's say you have Google Chrome. It mentions the versions it has, and it updates. Within two hours of an update, it is reflected in the dashboard. That's really nice to have."
"The most valuable aspect of Microsoft Defender for Office 365 is its ability to protect us from malware."
"The initial setup is straightforward. You just add the license, click it, and then you can set up the rules. It is quite simple."
"The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not."
"The most valuable feature of Microsoft Defender for Office 365 is its spam filter."
"The initial setup was easy."
"The most valuable feature is protection against malicious links, fishing, and impersonation. You can train people to be aware of these threats, but they're not always careful. When they're using their phones between meetings, they click on a link, and it's game over."
"Our customers are satisfied with Defender for 365 because Microsoft products are easy to use and customize to meet the client's needs. Everything is in one place, so we can adjust policies as needed for phishing, DLP, ATP, or any other security features that our clients want to apply."
"It does some really cool stuff that other tools aren't doing. We found it to be really effective, and the AI/ML functionality is really what differentiates them."
"Their ability to take things out of the mailbox and catch things much faster than users is excellent."
"I like Abnormal's threat protection with auto-remediation, but I also love its abuse mailbox feature, which automatically responds to the end user. That feature has a super-valuable security component and helps improve the user experience."
"One of the things that I love about them is that the setup and installation are super easy. All you do is give them access to your Microsoft 365 tenant, and through APIs, they are able to do their work. They are doing all this through APIs, so you do not have to install the software and take a month to get it all set up to even see the value of the solution. You could be up and running in less than an hour."
"What I like about Abnormal Security is that it notifies me if any of my partners or suppliers are experiencing a security breach by analyzing their database and identifying potential cyber threats."
"Initial auto-remediation allows us to auto-remediate before the email lands in the end user's inbox for a split second."
"The features that appeal to me most are the combination of auto-remediation and Detection 360."
"I would recommend Abnormal Security."
"I like its ability to detect and block."
 

Cons

"One area for improvement is support, in terms of being able to reach them and, especially, technical support for configuration."
"The visibility for the weaknesses in the system and unauthorized access can be improved."
"I'd like some additional features any product can give me to protect our environment in a better way."
"The UI needs to be more user-friendly."
"They have moved features from one console to another. Things have been moved around in the interface and it takes me time to find where certain features are."
"Microsoft security solutions work as expected. They are constantly updating the solutions to make them better. At the same time, the changes can impact a customer's environment, and we need to adjust settings. Sometimes we aren't aware of the changes, and nothing is pushed from the backend automatically."
"They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
"The certification training for Defender for 365 needs to be deeper and incorporate Sentinel. I took all the security courses except one, and Sentinel isn't included."
"There could be more selectable options and more granular selections available."
"There could be room for improvement in enhancing integration with other cybersecurity tools."
"I, as such, do not have anything that I do not like or would like to add, but you could argue that because they are doing it API-based, there is a chance that something could slip through temporarily before they are able to pull it out. In theory, it could happen just because of the nature of the system. They are not in line with the delivery of the mail. They are kind of asynchronous, which is a pro as well as a con. If it is synchronous, then I know it would always stop them, but because it is asynchronous, things could get through temporarily or because of some system issues on the Microsoft side or their side. It is the nature of the beast, but it is a little bit of a con."
"The biggest pain point for us is the lack of support for on-premise email systems."
"One feature I'd love to see is outbound scanning."
"I would like to have the ability to customize the auto-remediation feature."
"The ideal scenario would be for Abnormal Security to work in tandem with Microsoft to analyze incoming emails."
"Abnormal should add more automatic reports. I have an open request to our account team for more notification and report types that can be sent automatically. For example, they have an awesome report that gets sent weekly, and I also want them monthly, so I don't need to do so much adding up when my director wants numbers over time."
"The ability for users to look at their own quarantine box needs improvement. So at the moment, it doesn't give you the ability to see every email that has been quarantined. No end-user has the ability to see what's being quarantined. It's only people who have access to the back-end platform that can actually see what has been quarantined. The end user doesn't know if they have an email that has been quarantined, only if they're expecting something that didn't come through."
 

Pricing and Cost Advice

"Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system."
"The pricing is normal. Considering its popularity, it's not overpriced."
"The product is very expensive."
"Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution."
"It is much more expensive than using another solution because we have had to include some options and upgrade our license."
"I know that the product is incredibly expensive."
"Compared to other brands, Microsoft Defender for Office 365's pricing is competitive."
"For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis."
"The license is based on the user count, so the number of users that have an email address in the organization."
"Overall, we'd certainly prefer lower pricing, but Abnormal Security doesn't seem unreasonable compared to similar offerings in the market."
"The pricing appears fair, and they demonstrate a genuine willingness to work with us on it."
"Abnormal Security, on the other hand, provides the same level of functionality for just over $60,000 – that's half the price!"
"I would rate the pricing of Sublime Security as a seven out of ten. It is reasonably well-priced."
report
Use our free recommendation engine to learn which Email Security solutions are best for your needs.
845,589 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
9%
Manufacturing Company
8%
Government
6%
Computer Software Company
16%
Financial Services Firm
9%
Government
7%
Manufacturing Company
7%
Computer Software Company
15%
Manufacturing Company
9%
University
8%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Microsoft Defender for Office 365?
Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of variou...
What is your experience regarding pricing and costs for Microsoft Defender for Office 365?
I don't have detailed specifics on pricing, setup cost, or licensing.
What needs improvement with Microsoft Defender for Office 365?
I am generally satisfied with how it currently is. If I could improve anything, I would reduce the cost.
What do you like most about Abnormal Security?
The features that appeal to me most are the combination of auto-remediation and Detection 360.
What is your experience regarding pricing and costs for Abnormal Security?
I find the pricing to be favorable, but I did not disclose the exact cost.
What needs improvement with Abnormal Security?
There could be more selectable options and more granular selections available.
What do you like most about Sublime Security?
I like its ability to detect and block.
What is your experience regarding pricing and costs for Sublime Security?
I would rate the pricing of Sublime Security as a seven. It is reasonably well-priced.
What needs improvement with Sublime Security?
The ability for users to look at their own quarantine box needs improvement. So at the moment, it doesn't give you th...
 

Also Known As

MS Defender for Office 365
No data available
No data available
 

Overview

 

Sample Customers

Microsoft Defender for Office 365 is trusted by companies such as Ithaca College.
Foot Lcoker, Xerox, Liberty Mutual, Mattel, Boston Scientific
Information Not Available
Find out what your peers are saying about Microsoft, Cisco, Proofpoint and others in Email Security. Updated: April 2025.
845,589 professionals have used our research since 2012.