LEXINGTON, Mass., March 10, 2026 (GLOBE NEWSWIRE) -- Mimecast, a global leader in managing human and AI risk, today announced that its complete email security protection stack is now available through API deployment, eliminating a fundamental trade-off in the market. Current standalone integrated cloud email security (ICES) solutions offered fast deployment but at a cost: these solutions were built only for targeted, sophisticated attacks, quietly relying on native Microsoft or Google controls to handle the volume of everyday threats.

The just-released Mimecast State of Human Risk 2026 report quantifies the cost of that dependency: 64% of organizations acknowledge that native collaboration tool security controls are insufficient, yet many continue relying on them. The consequences are measurable: 53% report increased phishing volume and 48% see rising business email compromise attacks that native protections and current ICES solutions fail to stop at scale.

Mimecast’s API deployment is engineered to deliver the full detection stack, from deep URL and malware inspection to advanced AI-powered engines, through direct Microsoft 365 integration that deploys in minutes without requiring mail exchange (MX) record changes or mail flow modifications.

Threat Detection Capabilities Delivered Through API Architecture

Mimecast's AI-driven detection engines have been trained across 24 trillion data points and hardened across 42,000 organizations globally. Customers using Mimecast's new detection models are catching 3x more business email compromise and credential phishing attacks than traditional detection methods identify — these threats are specifically designed to bypass conventional security.

That detection capability, previously available only through gateway deployment, is now delivered through an API architecture. The API deployment also includes behavioral AI that is engineered to identify patterns across email and identity, along with broad threat protection capabilities that pure-play ICES vendors can’t offer at scale:

• Multi-Vector Threat Protection (MVTP) is built to correlate signals across sender authentication, domain reputation, URLs and content simultaneously, delivering the layered analysis that single-vector ICES engines cannot replicate
• Deep URL Inspection is engineered to deliver time-of-click analysis that catches threats evading pre-delivery scanning
• Advanced BEC Protection is designed to apply modern AI infrastructure across more than 20 languages, detecting impersonation and social engineering at a precision that requires real-world training volume to achieve
• Malware Detection and Active Sandboxing is designed to analyze attachments in isolated environments, catching zero-day threats that signature-based approaches miss
• Account Takeover Protection is engineered to identify post-compromise behavior through identity signal correlation, containing breaches before data leaves the environment
  
  

These capabilities are available today through an API architecture that is built to deploy rapidly.

Choose Your Architecture, Keep Your Full Detection Stack

Organizations can deploy via API or maintain MX-based architecture, with identical detection capabilities across both options. The API deployment is designed to integrate directly with Microsoft 365 in minutes, enabling organizations to test and validate protection without infrastructure changes.

Regardless of deployment model, Mimecast connects directly with more than 350 security vendors across the customer security stack, spanning endpoint, XDR, SIEM, SOAR, data protection, threat intelligence and identity. Threat signals captured at the email layer flow automatically into the tools security teams already rely on, eliminating alert silos and accelerating response. Organizations gain immediate value from their existing investments in platforms like CrowdStrike, Okta, Palo Alto Networks and many others.

"Standalone ICES vendors secure email. Mimecast secures the human behind it," said Ranjan Singh, Chief Technology and Product Officer at Mimecast. "We've invested in AI and detection engineering that the market said couldn't be delivered through API architecture. The result is a fundamentally different approach to email security, one that gives organizations full protection without compromising deployment speed.”

A Connected Suite of AI-Driven Human Risk Solutions

Unlike standalone ICES solutions, Mimecast's API deployment connects to the broader Mimecast Human Risk platform. Email threat signals feed directly into the Human Risk Command Center, where they are correlated with user behavior, identity data, insider risk indicators and generative AI activity, giving CISOs a unified view of organizational risk. From that single view, organizations can detect threats, change behavior, protect data and prove compliance across three integrated solution areas:

• Security Behavior Management translates email threat detections into targeted interventions. When a user clicks a malicious link or falls for a phishing simulation, in-the-moment behavioral nudges and adaptive training turn the threat event into a teachable moment that reduces repeat risk.
• Insider Risk Management & Data Protection extends protection from external threats to insider risk, correlating email activity with file movement, data exfiltration patterns and identity signals to identify when trusted users, whether negligent, compromised or malicious, pose a risk to sensitive data before damage occurs.
• Governance Compliance & Insights provides complete visibility into collaboration data across email and connected platforms. Legal, compliance and security teams gain search, discovery and audit capabilities, ensuring that the same environment being protected is also fully governed and audit ready.
  
  

All Mimecast email security customers benefit from increased visibility, correlation and efficacy of the Mimecast advanced protection engines, which are consistent across both API and MX-based deployments.

Mimecast API-based Email Security is available now globally. Start a risk-free proof-of-value here or contact your Mimecast representative.

About Mimecast

Mimecast is a global cybersecurity and data governance leader redefining how organizations secure human risk. Its AI-powered, API-enabled connected human risk platform is purpose-built to protect organizations from the spectrum of cyber threats. Integrating cutting-edge technology with human-centric pathways, our platform provides enhanced visibility and strategic insight.

By enabling decisive action and empowering businesses to protect their collaborative environments, our technology safeguards critical data and actively engages employees in reducing risk and enhancing productivity. More than 42,000 businesses worldwide trust Mimecast to help them keep ahead of the ever-evolving threat landscape.

From insider risk to external threats, customers get more with Mimecast. More visibility. More agility. More control. More security.

Mimecast and the Mimecast logo are either registered trademarks or trademarks of Mimecast Services Limited in the United States and/or other countries. All other third-party trademarks and logos contained in this press release are the property of their respective owners.

Press Contacts
Tim Hamilton
Director, Public Relations Management
+1 603-918-6757
thamilton@mimecast.com

General inquiries
press@mimecast.com