How ASA thinks: The technical architecture of Sublime's Autonomous Security Analyst

Sublime has introduced ASA, an Autonomous Security Analyst that utilizes a security-specific language model to autonomously handle email threat triage, remediation, and communication, thereby reducing mean time to respond without increasing workforce size. ASA, praised for transforming manual review processes from days to minutes, employs a proprietary knowledge base and a suite of analytical tools to conduct comprehensive threat assessments, mirroring human analysts' capabilities. It uses subagents for parallel task execution, enhancing efficiency and adaptability in complex scenarios, while maintaining transparency with citation-backed verdicts. ASA operates under a privacy-first architecture, ensuring data security by not retaining raw email content and allowing users to choose deployment models. Future enhancements include advanced link exploration and the ability to integrate organization-specific security policies. ASA exemplifies Sublime's open security philosophy by combining agentic AI with an accessible toolset, promoting human-AI collaboration in email security.