Skip to main content

Mimecast launches API-based email security

Mimecast introduced an Application Programming Interface (API) deployment of its complete email security protection stack, and the company said the change removed a trade-off between rapid deployment and comprehensive detection coverage.

Mimecast cited findings from its State of Human Risk 2026 report showing that 64% of organizations acknowledged native collaboration tool security controls were insufficient; the report also found 53% reported increased phishing volume and 48% reported rising Business Email Compromise (BEC) attacks that native protections and current ICES solutions failed to stop at scale.

The release described an API architecture that integrated directly with Microsoft 365 and deployed in minutes without requiring MX record changes or mail flow modifications. Mimecast said the API delivered a full detection stack including deep URL and malware inspection, advanced AI-powered engines and behavioral Artificial Intelligence (AI) that identified patterns across email and identity, and that its AI-driven detection engines were trained across 24 trillion data points and hardened across 42,000 organizations, with customers using the new models catching 3x more BEC and credential phishing attacks than traditional methods.

Organizations could choose API or MX-based deployment with identical detection capabilities, and Mimecast said the service connected with more than 350 security vendors across the customer security stack, including CrowdStrike, Okta and Palo Alto Networks, with threat signals captured at the email layer flowing into existing security tools to reduce alert silos and accelerate response.

“Standalone ICES vendors secure email. Mimecast secures the human behind it,” said Ranjan Singh, Chief Technology and Product Officer at Mimecast. “We've invested in AI and detection engineering that the market said couldn't be delivered through API architecture. The result is a fundamentally different approach to email security, one that gives organizations full protection without compromising deployment speed.”

Mimecast said its API-based email security was available globally and that organizations could start a proof-of-value or contact a Mimecast representative.

Provided by Globe Newswire on behalf of Mimecast. Click to read original content.