IRONSCALES Unveils 3 Targeted AI Agents to Boost Preemptive Email Security

In a major shift to provide proactive rather than reactive email security for customers, IRONSCALES has included three new specialized agentic AI agents in the latest Winter 2026 release of its AI-powered email security platform. The Atlanta, Georgia-based vendor has also integrated new outbound email encryption in the latest release, as well as enhanced Microsoft Teams deepfake protection.

The three new AI agents, called Red Teaming, Phishing SOC, and Phishing Simulation, were created by IRONSCALES to help business IT users better protect their email communications as threats from AI-powered cyberattacks continue to grow, according to the company.

Each of the AI agents has specific email security targets for enterprise and SMB users.

The Red Teaming agent is designed to mimic what an attacker would “see” when evaluating a potential business target’s attack exposure. This includes scanning company content, including social media, press releases, and job postings, to map security weaknesses, then strengthening a company’s attack detection protections before an incident occurs.

The Phishing SOC agent is built to quickly and automatically provide deeper Level 2 forensic investigations of suspicious emails in minutes, delivering a thorough security assessment in response to serious attack models. The Phishing Simulation agent performs personalized attack simulations using open source intelligence (OSINT) data to help train company employees to identify and respond to real attacks against the organization.

“We scoped our three AI agents around a specific framework: anticipate, investigate, and educate,” James Savard, senior product marketing manager for IRONSCALES, told ChannelE2E. “For MSPs managing dozens to hundreds of clients, this translates into a more personalized security posture for each client without hiring additional service and technical support talent.”

More Details on the Bolstered Encryption and Microsoft Teams Features

The new email encryption and Microsoft Teams deepfake protection enhancements in the company’s winter release are also aimed at helping MSPs and other channel partners provide broader services and protections for their customers, Savard said.

IRONSCALES now provides voice detection for Teams, which is designed to catch voice impersonation even when cameras are off, according to Savard.

“We shipped email encryption in this release, extending the platform to outbound data protection so partners can position one platform for both inbound threat defense and compliance-aligned outbound controls,” he said. “Every capability in this release was built to help our partners stay ahead of attacks and shifting compliance mandates.”

Savard said the new agentic capabilities are designed to address problems experienced by MSP partners and give them more tools to manage their customers’ email environments.

“Our Adaptive AI learns from threats across 17,000-plus organizations, and that collective intelligence is a real advantage,” said Savard. That real-world data is then used to train and inform the IRONSCALES platform. “For our MSP and channel partners managing multiple client environments, these updates simplify deployment and expand coverage against this rising attack vector.”

In addition, IRONSCALES has added a dedicated Canadian data residency (storage) environment on Canadian soil, which will allow the company to expand its services to customers whose data must legally remain in Canada. Customers in regulated industries in Canada are required by law to keep their data stored within the nation’s borders. This requirement previously prevented IRONSCALES from working with companies there to provide its services. For channel partners, this change will unlock new revenue and business opportunities with customers in Canada.

“The new Canadian data center unlocks high-value regulated verticals with long client lifecycles that were previously out of reach for our partners,” said Savard. “Canadian data residency requirements have ended more partner conversations than any technical limitation. That barrier is now removed. Our partners can grow revenue per client through encryption and these advanced agentic capabilities, pursue new geographies and verticals, and build a practice that is differentiated against competitors still selling reactive detection.”