Loading...
Mimecast logo

Mimecast

mimecast.com ↗ Enterprise 2 sectors

About Mimecast

Mimecast is a Gartner Magic Quadrant Leader (December 2025) offering a Human Risk Management platform that combines email security, insider threat protection (via Code42 Incydr acquisition), data governance, and security awareness training. The platform provides both SEG and API deployment options with identical detection capabilities. AI-powered engines trained on 24 trillion data points detect 3x more BEC and credential phishing than traditional methods. Key products include Advanced Email Security, TTP (URL/Attachment/Impersonation Protect), DMARC Analyzer, Email Archive, and Engage Security Awareness. Integrates with 350+ security vendors. Best for enterprises requiring comprehensive email security with strong archiving and compliance.

Why Notable

Gartner MQ Leader 2025; strong global operations and partner program; Gartner notes repackaging increased licensing complexity; acquired Code42, Elevate Security, Aware

Sector Coverage

Email Security: Evaluation & Deployment

Gartner MQ Position (Dec 2025) Leader
Gartner Peer Insights Score 4.5
Deployment Model SEG/API Hybrid
Pre-Delivery Blocking Yes
MX Record Required Optional (SEG mode)
Deployment Speed Minutes for API, hours for SEG
Supported Platforms Microsoft 365, Google Workspace, on-premises Exchange
Admin Console Unified
Licensing Model Per-user subscription
Licensing Notes Multiple plans: Email Security, Core, and Total plans with modular add-ons
Primary Market Enterprise, Mid-market
MSP Support Yes - MSP partner program

Feature Coverage

2026 Innovations

3x BEC detection improvement full Enhanced detection vs traditional methods
Gateway-grade API security full Full SEG capabilities via API deployment
March 2026 Platform Launch full Next-gen human risk protection for AI age

API & Integrations

QRadar extension full Processes SIEM, Audit, and TTP event data in IBM QRadar.
QRadar v3 extension full Processes SIEM, Audit, Data Leak Prevention, and TTP event data using QRadar.
Splunk integration full Respects Admin IP ranges and supports optimized MTA log structures through API 2.0 Gateway.
Microsoft Sentinel integration full Configure Mimecast Audit Logs and other connectors in Microsoft Sentinel.
Microsoft Sentinel analytic rules full Sentinel v3.1.0 includes analytic rules.
Microsoft Sentinel playbooks full Sentinel v3.1.0 includes playbook setup.
Sumo Logic integration full Visualize email activity, spam detection, TLS, URL Protection, and virus detection.
LogRhythm integration full Downloads email and audit events ready for collection by LogRhythm.
API 1.0 application management full Add, change, enable, disable, and delete API applications in the console.
API 2.0 application management full Create, update, delete, and regenerate keys during migration to Integrations Hub.
SIEM API endpoints full Email Security Cloud Gateway adds SIEM APIs through API 2.0.
Threat and Security Statistics APIs full Provide hourly or daily aggregated threat stats.
Threat statistics dashboards full Stats APIs allow customers to build dashboards or reports in their own tools.
Okta Evidence Based Controls integration full Uses Mimecast threat detection and group management within Okta to manage risky users.

Administration

Administration Console full Manage user accounts, configure policies, review logs, and troubleshoot email delivery.
Managing administrators full Cloud Integrated includes administrator management and authentication methods.
Administrator roles full Roles are collections of permissions controlling access to console functionality.

Administration Role

Protected Super Administrator full Controls which menu items and protected-content functions other admins can access.
Security Administrator full Has access to Role Editor to manage roles and administrators.

Advanced Email Security

AI-powered detection full Uses purpose-built AI and advanced machine learning to stop sophisticated threats.
Deployment flexibility full Choose email security delivered with or without a gateway.
Security operations simplified full Integrates with other security tools to unify visibility and automate workflows.
Integrated protection for email and collaboration full Unifies email and collaboration security with one integrated platform.
Tame complexity full Consolidates services and tailors protection regardless of infrastructure complexity.
Connected protection full Connects protection across tools and workflows.
Advanced BEC Protection full Blocks advanced BEC threats and surfaces targeted users.
250+ partner integrations full Extensive technology-alliance ecosystem for sharing intelligence and workflows.

Archive & Compliance

Cloud Email Archive full Long-term email retention for compliance
Continuity services full Email availability during outages
Litigation hold full Legal preservation of email data
eDiscovery capabilities full Legal search and export functionality

Archive for MS Teams

Archive for Microsoft Teams setup full IM Sync task setup for Microsoft Teams.
Archive for Microsoft Teams configuration full Configure a task to archive and index Teams instant messages.
IM Sync tasks for Teams full Uses Administration > Services > IM Sync tasks.

Authentication

End user authentication methods full Mimecast supports configurable end-user authentication methods.
Integrated Windows Authentication (IWA) full Supports IWA configuration with prerequisites, profile creation, IP restrictions, and validation.
Personal Portal SSO full Supports IdP-initiated and SP-initiated SAML SSO for Mimecast Personal Portal.
Personal Portal MFA enablement full Personal Portal SSO setup includes MFA enablement.

Aware Governance

Collaboration data protection full Security for Teams, Slack, and file sharing
Data governance policies full Automated policy enforcement for data handling
Regulatory compliance full Support for GDPR, HIPAA, and industry standards

Aware Governance & Compliance

Aware collaboration data protection full Protects collaboration data from data loss, non-compliance, and security threats across Slack and Teams.
Teams compliance monitoring capability full Blog states compliance solution can monitor, investigate, and govern Microsoft Teams.

Awareness Training

Awareness Training overview full Overview of functionality and benefits for administrators.
Awareness Training FAQ full Public FAQ covers modules and platform behavior.
Program Overview full Program Overview page surfaces key user and reporting information.
Reporting & Insights full Provides reporting and summary boards.
Targeted Training Campaigns full Allows targeted training campaigns for chosen user groups.
Schedule Training Modules full Allows scheduling of training modules organization-wide.
Custom Modules upload full Admins can upload custom module content.
Inactive user groups full Can exclude groups of inactive users from training notifications.
SMTP and URL allowlisting guide full Lists SMTP addresses and domains that must be allowed.
Risk scoring full Assigns timely, accurate user and organizational risk scores updated daily.
Daily updated risk ratings full Risk ratings are updated daily.
Module reordering full Admins can switch around the order of modules.
Module deletion full Admins can delete less relevant modules.
Additional modules catalog full Additional modules can supplement default program content.

Best Practices

Security recommendations full Recommendations include user access management, 2-step auth, TTP, device enrollment, TLS, LDAPS, and journaling.

Cloud Email Security

URL real-time scanning full Provides real-time scanning and blocking of suspect websites.
Attachment sandboxing full Sandboxes suspected attachments to prevent malware and credential theft.
100% anti-virus SLA full Cloud email security copy cites 100% anti-virus service level.
99% anti-spam SLA full Cloud email security copy cites 99% anti-spam service level.

Collaboration Threat Protection

Collaboration Threat Protection full Defends against attacks through Teams, OneDrive, and SharePoint.
Real-time scanning across Teams/SharePoint/OneDrive full Service update announced advanced protection with real-time scanning and detection across those services.
Collaboration security for Microsoft Teams full Dedicated collaboration protection page covers Teams, OneDrive, and SharePoint scenarios.

Commercial Packaging

Multiple plans fit organization needs full Mimecast offers multiple plans designed to meet different organization requirements.

Continuity

Continuity full Ensures email continuity during disruptions.
Continuity Monitor full Alerts administrators to mail-flow disruption.
Detection algorithms full Continuity overview references detection algorithms.
Inbound traffic monitoring full Continuity overview references inbound traffic monitoring.
Outbound traffic monitoring full Continuity overview references outbound traffic monitoring.
Failure thresholds full Continuity overview references failure thresholds.
Notification settings full Continuity overview references notification settings.
Continuity prerequisites full Prerequisites guide exists for continuity setup.
Continuity Events full Supports creating, managing, ending, and cloning continuity events.
Continuity user notifications full Continuity Events guide covers user notifications.
Continuity SMS alerts full Continuity Events guide covers SMS alerts.
SMS Continuity Services full Dedicated SMS continuity service for informing users during outages.
Continuity troubleshooting full Troubleshooting guide addresses server outages, Microsoft 365 disruptions, and Mimecast interruptions.
Outlook continuity mode full Mimecast for Outlook checks for continuity events every three minutes.
Return to normal mode automatically full Users are automatically switched back once continuity mode ends.
Personal Portal inbox during continuity full Personal Portal supports inbox access during continuity events.
Compose and forward during continuity full Personal Portal inbox supports composing and forwarding messages.
Message delivery status view full Personal Portal inbox includes delivery-status checking.

DMARC & Brand Protection

DMARC Analyzer full DMARC implementation and monitoring platform
Domain spoofing prevention full Protection against unauthorized domain use
Microsoft compliance support full April 2025 Microsoft bulk email requirements
SPF/DKIM/DMARC validation full DNS authentication and compliance checking

DMARC Analyzer

DMARC Analyzer free checker full Provides free DMARC record validation.
SPF record check tool full Provides a free SPF record check tool.
DKIM record check tool full Provides a free DKIM record check tool.
BIMI record check tool full Provides a free BIMI record check tool.
Gain visibility into all email senders using your domain full Separates legitimate from fraudulent senders and blocks unauthenticated mail.

Directories

Managing user email addresses full User email addresses can be managed manually or automatically.
SMTP submission requirement full Two-factor authentication must be disabled for users to submit via SMTP authentication.

Email Archive

Cloud Archive full Independent, 100% cloud-based archive for information archiving and governance.
Simplify compliance full Supports IT, Legal, Compliance, and HR response to inquiries and audits.
Keep data secure full Protects against accidental and malicious data loss with a multi-purpose archive.
Legacy archive migration full Quick migration away from outdated legacy archives.
Accelerate e-discovery full Provides self-service tools to collect, discover, preserve, and review collaboration data.
Compliance with evolving regulations full Supervision provides review, escalation, export, and reporting tools.
Ultimate backup and protection full Sync & Recover protects files, folders, contacts, tasks, and notes.
Archive for Microsoft Teams full Preserves reliable, secure, encrypted copies of Microsoft Teams data.
Legal hold and eDiscovery use case full Reduce time spent supporting legal hold and eDiscovery inquiries.
Partner integrations for archive full Integrates with partners for Teams, Zoom, Slack, mobile comms, and collaboration capture.

Email Protection Software

Cloud-based email protection software full Combines security, continuity, and archiving in a cloud-based platform.
Email continuity capability full Delivers continuity alongside security and archiving.
Archiving capability full Includes archiving to simplify management and reduce risk.

Email Security System

Multiple layers of protection full Cloud-based multi-layered defenses adapt quickly against new threats.
Always-on protection full Always-on and always up-to-date cloud protection.
Always up-to-date protection full Cloud delivery avoids complexity and stale defenses.
Massively scalable MTA full Scalable mail transfer agent serves as a cloud email bridgehead.
Advanced spear-phishing protection full Designed to stop spear-phishing and similar sophisticated attacks.
Threat intelligence updates automatically full Threat intelligence updates instantly and automatically.
Sensitive-data leak controls full Provides control over sensitive data to protect against leaks.

Email Solutions

Mailbox Continuity full Mailbox Continuity enables mail flow during disasters and planned outages.

Engage Security Awareness

Human risk signals full Behavioral indicators for training prioritization
Phishing simulations full Real-world attack simulation campaigns
Security culture metrics full Measurement of organizational security posture
Security Awareness Training / Engage full Makes employees a trusted first line of defense and reduces human risk.
Human risk signals in awareness full Public messaging emphasizes awareness training informed by human risk signals.
Continuous intervention and training full Product page positions Engage as continuous intervention and training.

Governance & Compliance

Archive administration guides full Archiving guides cover admin guides, features, Simply Migrate, and troubleshooting.
eDiscovery administration guide full Covers search, compliance review, litigation holds, and retention adjustments.
Teams compliance monitoring full Mimecast compliance solutions can monitor, investigate, and govern Microsoft Teams.

Human Risk Command Center

Centralized Human Risk Operations full Requires user risk assessment, behavioral nudges, preventative controls, and adaptive policies.
Risk Scoring full Core human risk operation.
Behavioral Nudges full Core human risk operation.
Preventative Controls full Core human risk operation.
Adaptive Policies full Core human risk operation.
Cross-tool behavioral-data aggregation full Aggregates behavioral data from email, endpoint, identity, and DLP tools.
Dynamic risk scoring full Continuously updates risk scores based on observed behaviors.
Behavioral correlation analytics full Identifies complex risk patterns by analyzing behavior combinations.
Just-in-time detection full Behavioral nudges trigger automatically when risky actions are detected.
Multi-channel intervention delivery full Interventions can be delivered through email, Slack, or Microsoft Teams.
Ongoing effectiveness tracking full Adjusts nudge frequency based on behavior and compliance metrics.

Human Risk Management

Human risk integration in Incydr full Incydr integrates with Mimecast’s human risk management platform and scoring.

Incydr Data Protection

50% faster investigations full Reduced time for high-risk incident response
Agentic AI automation full Mihra AI agents for detection and investigation
Incydr Instructor full 90+ video lessons for just-in-time security training
Incydr Risk Indicators full Hundreds of signals for data, user, and destination context
Insider threat detection full Detection of data exposure, leak, and theft
Shadow AI protection full Visibility into unauthorized AI tool usage
Under 6-month ROI full Rapid time-to-value with minimal admin overhead
Incydr SSO from Mimecast AdCon full Incydr integrates with Mimecast platform SSO.
Incydr exfiltration events in scoring full Incydr uses data exfiltration events in scoring.
Insider threat response acceleration full Public messaging positions Incydr for insider-risk management and response.

Mail Security Services

Large File Send full Secure large file transfer up to 2 GB from within the mailbox.

Onboarding

Email Security Cloud Integrated getting started full Covers prerequisites, protection modes, Microsoft 365 integration, threat scanning, and upgrades to Monitor/Protect modes.
Email Security Setup Wizard full Prepares accounts, directory integrations, inbound/outbound mail, journaling, and firewall settings.
Onboarding checklist full Covers domain validation, deployment choice, DNS changes, anti-spoofing, MX/SPF, outbound IPs, credentials, and relay/forwarding config.
Deployment option: Gateway full Onboarding checklist includes choosing gateway deployment.
Deployment option: Integrated full Onboarding checklist includes choosing integrated deployment.
Directory integrations full Setup wizard prep includes configuring directory integrations.
Inbound mail configuration full Setup wizard prep includes inbound mail configuration.
Outbound mail configuration full Setup wizard prep includes outbound mail configuration.
Journaling setup full Setup wizard prep includes journaling setup.
Firewall security prep full Setup wizard prep includes firewall security settings.

Platform

Human Risk Management Platform full Unified platform for safeguarding collaboration with integrated protection across email, chat, and file sharing.
Human Risk Command Center full Monitor and respond to human risk in real time.

Platform & Architecture

24 trillion data point training full AI models trained on massive email dataset
350+ vendor integrations full Connectors for SIEM, SOAR, XDR, endpoint, and identity
42,000 customer base full Detection hardened across global customer network
API deployment option full Full protection stack via Microsoft 365 API integration
Human Risk Management Platform full Unified platform for email, data, and human security

Policy Framework

Policy basics full Policies support sender/recipient criteria, validity settings, and envelope/header address handling.
Policy sender criteria full Policies can apply based on sender criteria.
Policy recipient criteria full Policies can apply based on recipient criteria.
Policy validity settings full Policies support validity windows/settings.
Envelope (P1) vs Header (P2) handling full Policy basics explains differences between envelope and header addresses.
Out-of-the-box protection settings full Mimecast ships default protection settings that can be amended.

Product

Advanced Email Security full AI-powered protection against sophisticated email attacks.
Incydr Data Protection full Addresses insider threats and protects critical data.
Aware Governance & Compliance Suite full Protects collaboration data from loss, non-compliance, and security threats.
Engage Security Awareness full Re-envisions security awareness with human risk signals.

Product Suite

Collaboration Threat Protection full Defends against attacks launched through Microsoft collaboration tools.
DMARC Analyzer full Protects brand reputation, increases deliverability, and combats spoofing.
Email Archive full Ensures data is never lost and simplifies compliance/eDiscovery.

Secure Email Gateway

Social engineering defense full Defends against social engineering and BEC with AI.
QR code protection full Blocks quishing attacks with QR-code detection and deep URL scanning.
Granular controls full Customizable policies and configurations provide flexible control.
Simplified integrations full Offers over 250 partner integrations for threat sharing and enhanced detections.
100% cloud-native secure email gateway full MX-based protection is delivered as a 100% cloud-native SEG.
M365 added protection full Provides stronger protection than native Microsoft 365 controls.
Complex environment support full Designed to manage and secure complex email environments.
Dynamic threat intelligence feeds full Uses dynamic threat intelligence feeds to determine which emails are malicious.
Inbound email scanning full Scans inbound email for malicious content.
Outbound email scanning full Scans outbound email for malicious content.
Internal email scanning full Scans internal emails for threats and policy issues.

Security Email Services

Virus and malware protection full Provides 100% email virus protection and zero-hour anti-malware protection.
100% availability SLA full Security email services cite a 100% availability SLA.

Services

Mimecast support packages full Technical support packages with Basic, Advanced, and Premium tiers.

Solution Pillar

Email & Collaboration Threat Protection full Protect email and collaboration tools against sophisticated attacks.
Insider Risk Management & Data Protection full Protect critical data and accelerate response to insider threats.
Data Governance, Compliance & Insights full Support regulatory and corporate standards with governance and compliance tooling.
Security Behavior Management full Identify human risk and drive behavior change.

Support Packages

Support package: Basic full Basic support package tier.
Support package: Advanced full Advanced support package tier.
Support package: Premium full Premium support package tier.
Online support case management full Available in all tiers with faster response times in higher tiers.
Mimecaster Central Support Community full Included in support packaging.
Robust reporting and account assessments full Included across support tiers.
Access to Knowledge Base full Support packages include access to Mimecast Knowledge Base.
Dedicated Technical Account Manager full Higher-tier support includes more tailored expertise and service.
Training services full Support offers training to educate teams and maximize solution value.

Sync & Recover

Sync & Recover overview full Overview of Sync & Recover functionality in the admin console.
Sync & Recover integrated configuration full Cloud Integrated guide covers configuration, export, and reporting.
Sync & Recover getting started full Entry page lists required Sync & Recover guides.
Managing synchronization tasks full Create and manage mailbox-archiving synchronization tasks.
Export and restore queues full Guide covers export and restore queues.
Managing mailboxes full Admins can display mailbox sync details and export/restore data.
Mailbox snapshots full Create point-in-time mailbox snapshots and restore/export/download content.
Message recovery full Recover lost email content and restore mailbox data.

Synchronization Engine

Mailbox Folder Replication full Continuously extracts folder and message metadata from Exchange mailboxes.
Structured archive view full Replicated mailbox data can be accessed in a familiar folder structure.
Open Authentication (OAuth) for MSE full Mimecast Synchronization Engine supports OAuth modern authentication.

TTP

Attachment Protect full Safeguards against malicious attachments by replacing them with clean, transcribed versions.
URL Protect full Builds on gateway services to defend against advanced phishing and spear-phishing attacks.
Impersonation Protect full Safeguards against whaling, phishing, and impersonation attacks.

TTP Attachment Protect

Original attachment secure access full Secure access to originals is available via sandbox analysis.
Attachment Protect policy configuration full Attachment protection is configured as a gateway policy.
Attachment Protect policy narrative full Policy narrative is stored with the message in the archive.
First Attachment Protect policy guidance full Guide provides an optimal starter configuration for malicious-attachment defense.
Attachment delivery methods full Attachment Protect can deliver messages using selectable methods.
Attachment Protect UI update full Definitions and policy screens were updated without changing underlying functionality.

TTP Impersonation Protect

Whaling protection full Specifically positioned to defend against whaling-style attacks.
Minimal-content attack detection full Designed to catch threats without attachments or URLs.
Key-identifier analysis full Looks for combinations of identifiers common in impersonation attacks.
Impersonation Protect recommended settings full Configuration guide includes recommended settings.
Impersonation Protect policy configuration full Policies control impersonation detection and prevention.
Preconfigured definitions dependency full Policies require preconfigured Impersonation Protect definitions.

TTP URL Protect

URL rewriting full Rewrites all URLs in inbound messages.
Real-time click checks full Performs security checks on destination pages each time a user clicks.
Inbound URL settings full Configurable inbound URL settings.
Outbound URL settings full Configurable outbound URL settings.
Journal URL settings full Configurable journal settings.
URL rewrite modes full Supports different URL rewrite modes.
Advanced similarity checks full Supports advanced similarity checks for URLs.
Unsafe URL actions in messages full Allows actions for unsafe URLs in messages.
Unsafe URL actions in attachments full Allows actions for unsafe URLs found in attachments.
User Awareness prompts full Configurable user-awareness prompts for URL protection.
Challenge frequency adjustments full Allows adjustment of challenge frequency.
User Awareness message customization full Customize URL protect user-awareness messages.
User Awareness safety tips full Customize safety tips shown to users.
URL Protect Dashboard full Dashboard for monitoring URL protection activity.
URL Protect logs full Dashboard lets admins monitor, filter, and manage URL logs.
Allow/block URLs from logs full Admins can block or allow URLs from log views.
Export URL Protect log data full Admins can export URL Protect data.
Analyze scan results full URL Protect logs include advanced phishing and scan-result analysis.
URL Protection bypass policies full Supports bypass policies for URL protection.
Verify rewritten URL full Admins can verify original URLs behind rewritten links.

Targeted Threat Protection

Auto-decryption scanning full Automatic decryption and scanning of encrypted attachments
Credential Theft Protection full Detection of phishing pages and credential harvesting
Multi-stage Attack Detection full Detection of complex multi-vector attacks
TTP Attachment Protect full Sandbox analysis and malware detection for attachments
TTP Impersonation Protect full Detection of display name and domain spoofing
TTP Internal Email Protect full Scanning of internal lateral email threats
TTP URL Protect full Real-time URL scanning with click-time protection
Targeted Threat Protection (TTP) full Product family for advanced phishing, URL, attachment, and impersonation defenses.
TTP FAQ coverage full Public FAQ article exists for TTP feature areas.

Threat Intelligence / AI

AI-generated message detection engine full Mimecast built a detection engine to determine if a message is human- or AI-generated.
AI-powered phishing defenses full Mimecast announced new AI defenses to fight AI-powered phishing.

Use Cases

Use Case: Shadow AI full Publicly listed Mimecast use case: Shadow AI.
Use Case: Legal Hold and eDiscovery full Publicly listed Mimecast use case: Legal Hold and eDiscovery.
Use Case: Business Email Compromise full Publicly listed Mimecast use case: Business Email Compromise.
Use Case: Phishing full Publicly listed Mimecast use case: Phishing.
Use Case: Internal Investigations full Publicly listed Mimecast use case: Internal Investigations.
Use Case: Security culture improvement full Publicly listed Mimecast use case: Security culture improvement.

Related Email Security Vendors

Vendor Directory
Lookup Tools
Analysis
Bulk & Enterprise
Resources
Close