Sublime Security has launched a new channel partner program, shifting to a 100% channel-led model and putting partners at the center of its go-to-market strategy. With email security a major pressure point for customers as phishing, business email compromise, and social engineering attacks continue to create risk for organizations, many security teams are already stretched thin. For partners, this creates an opening to bring customers more adaptive email security without adding more manual work to the security team.
What 100% Channel-Led Means
Sublime said the program includes partner-led opportunities, predictable recurring margins, deal protection, performance incentives, and dedicated partner resources. The company is also adding technical enablement, accreditation programs, hands-on training, sales playbooks, and joint marketing support.
Timm Hoyt, VP of Worldwide Partners & Alliances, Sublime Security, told ChannelE2E that the company is trying to connect its channel message to how deals are actually handled.
“We are doing more than claiming we’re 100% channel-led, we are connecting words to action,” Hoyt said. “This is different from others who claim the same, but often make exceptions to the rule and cut out partners. Although we’re early in our journey, we have ample evidence points of our commitment to ‘how’ we win together with partners. This includes advocating for partners in customer discussions, creating recurring protected margin potential for partners, as well as inspiring incremental monetization opportunities through professional and managed services, in addition to the sale of adjacent solutions with technology alliances.”
Partners do not just want a vendor to say it supports the channel. They want clear rules around account engagement, deal protection, and where services revenue can be built around the platform.
Hoyt said Sublime’s end-user sales team may still engage directly with customers, but that engagement is meant to happen with a partner plan in place.
“Customers are not owned by anyone, rather we are here to serve their needs – together,” Hoyt said. “We have defined sales processes for how we distribute Sublime-sourced opportunities to the most capable partner, and we remain loyal with the partners that introduce new opportunities to Sublime.”
Email Security Still Has Room for Channel Growth
Email security is a crowded market, and many MSPs and MSSPs already support secure email gateways, phishing tools, and adjacent security platforms. The partner question is simple: why introduce another email security vendor into an existing customer environment?
Hoyt said the answer is operational control. He pointed to Sublime’s distributed detection model, which lets service providers deploy organization-specific detections without waiting on vendor queues.
“Crowded it may be, however, never before has a MSP or MSSP had the ability to provide bonafide value to a customer with their email cybersecurity challenges,” Hoyt said. “The reason is that up until Sublime, the answer was solely in the hands of the vendor, never the service provider. With Sublime’s distributed detection model (DDM) architecture, service providers now have independence from vendor bottlenecks by deploying org-specific detections without waiting on vendor queues. This opens up a massive new addition to their service catalog that will facilitate customer retention and new customer acquisition.”
For MSPs and MSSPs, that is the more important channel angle. Email security is not only a resale motion. If partners can tune detections, reduce manual review and respond faster, the platform can become part of a managed service.
AI Agents and Analyst Workload
Sublime’s platform uses AI agents to help automate email threat triage and detection engineering. The company released its
Autonomous Security Analyst and Autonomous Detection Engineer, designed to investigate and triage threats in seconds and deploy new tailored defenses in hours.
Hoyt said the value for partners comes from transparency and efficiency, especially when analysts need to understand why something was flagged.
“The architecture is built around transparency and efficacy: two things that are hard to claim, but easy to verify with Sublime,” Hoyt said. “Unlike black-box solutions where an analyst has to trust a verdict without understanding why, Sublime provides clear reasoning. This means analysts spend less time second-guessing detections and more time on actual response. Because organizations can build and refine detection logic specific to their environment, they're not working through a backlog of false positives generated by rules that weren't written with their environment in mind. This results in better customer outcomes and maximized profit and employee efficiency for the service provider.”
That point is relevant for service providers because alert quality directly affects margins. If a tool creates more review work than it removes, the partner absorbs that cost. If it reduces false positives and speeds triage, the provider has a stronger case for adding it to a managed security service.
Hoyt also pointed to Sublime’s two AI agents as proof points that partners can bring into customer conversations.
“The Autonomous Security Analyst (ASA) investigates and triages threats in seconds, replacing manual triage with near-instant verdicts,” Hoyt said. “The Autonomous Detection Engineer (ADE) deploys new, tailored defenses against threats in hours rather than waiting on a vendor update cycle.”
Partner Economics Matter
The channel program also reflects a broader reality in cybersecurity sales: partners want clean economics. Sublime is positioning the program around recurring margins, deal protection, and incentives, which are the pieces partners typically look for before investing time in a newer vendor relationship.
Hoyt said Sublime sees partner value extending beyond resale.
“And when our service providers incorporate Sublime’s autonomous AI agents, it drives better customer outcomes, service provider employee productivity, and ultimately boosts their EBITDA by empowering their staff to work smarter, not just harder,” Hoyt said.
That is where the program is relevant for MSPs and MSSPs. The opportunity is not only to replace an email security tool. It is to build a service around faster triage, customer-specific detections and less dependence on vendor-led update cycles. Sublime’s launch reflects a continued demand for email security that can keep pace with more targeted and AI-assisted attacks. Customers still need protection at the inbox, but they also need faster investigation, clearer visibility, and fewer manual handoffs. Sublime’s 100% channel-led shift is putting partners in the middle of that sales and service motion. The real test will be whether partners can turn the platform into practical customer outcomes: faster triage, better detection coverage and less time spent chasing email threats manually.
