Mimecast is a cyber resilience company focused on email security, archiving, and data protection. Founded in 2003 in London and now headquartered in Lexington, Massachusetts, Mimecast has served as a foundational layer of email security for enterprises and mid-market organizations for over two decades. The company was taken private by Permira in a $5.8 billion transaction in 2022 after trading publicly on NASDAQ since 2015, enabling accelerated investments in platform expansion, AI capabilities, and strategic acquisitions.
Platform
Email Security
Mimecast’s core email security gateway provides multi-layered protection against phishing, business email compromise (BEC), malware, spam, impersonation attacks, and zero-day threats. The platform inspects inbound, outbound, and internal email traffic using signature-based detection, static and dynamic sandboxing, URL rewriting with time-of-click analysis, and AI-powered content inspection. Mimecast integrates with Microsoft 365 and Google Workspace as both a traditional secure email gateway (SEG) with MX record routing and as an API-based complement for organizations that prefer inline-plus-API deployment.
Insider Risk and Data Loss Prevention
Through its acquisition of Code42 and the Incydr product, Mimecast expanded into insider risk detection and data loss prevention. Incydr monitors file exfiltration activity across endpoints including uploads to personal cloud storage, USB transfers, email attachments, Airdrop, and browser-based file sharing to detect and respond to insider threats and data leakage. Unlike traditional DLP that relies on content classification policies and keyword matching, Incydr focuses on file movement vectors and user behavioral risk signals, reducing false positives while catching real data theft.
Email Archiving and Compliance
Mimecast’s cloud archive provides tamper-proof retention of email, files, and instant messaging data for compliance, eDiscovery, and litigation hold. The archive supports automated retention policies, legal hold workflows, granular search across petabytes of archived communications, and data export in standard formats. The platform helps organizations meet compliance requirements for SEC Rule 17a-4, FINRA, HIPAA, GDPR, and other regulatory frameworks that mandate email retention.
Brand Protection
Mimecast’s DMARC Analyzer and brand protection capabilities help organizations prevent email impersonation and domain spoofing. The platform provides visibility into email authentication (SPF, DKIM, DMARC) and monitors for lookalike domains used in phishing campaigns targeting customers, partners, and the general public. Automated takedown services remove malicious domains and phishing pages impersonating the organization’s brand.
Security Awareness Training
Mimecast provides security awareness training with phishing simulation, micro-learning modules, and employee risk scoring to reduce human error as an attack vector. Training content is tailored to real threats observed in the organization’s email traffic, ensuring simulations reflect the actual threat landscape rather than generic phishing templates. The platform tracks individual and departmental risk scores to identify high-risk users who need additional training.
Web Security
Mimecast’s web security module blocks access to malicious websites, preventing credential harvesting and drive-by malware downloads that originate from email-borne URLs or general web browsing. The module provides URL categorization, content filtering, and threat intelligence-driven blocking.
Collaboration Security
As organizations adopt collaboration platforms beyond email like Microsoft Teams and Slack, Mimecast has extended its security capabilities to scan content shared through these channels for malicious URLs, malware, and sensitive data. This addresses the growing attack surface created by messaging and collaboration tools.
AI-Powered Threat Detection
Mimecast has invested in AI and machine learning capabilities to detect sophisticated phishing, BEC, and social engineering attacks that evade traditional rule-based detection. Natural language processing analyzes email content for persuasion techniques, urgency indicators, and impersonation patterns that characterize social engineering campaigns.
Integration Ecosystem
Mimecast integrates with a broad ecosystem of security tools including SIEM platforms (Splunk, Microsoft Sentinel), SOAR solutions (Palo Alto XSOAR, Swimlane), endpoint security (CrowdStrike, SentinelOne), and identity providers (Okta, Microsoft Entra). These integrations enable automated incident response workflows and correlated threat intelligence across the security stack.
Code42 Acquisition
Mimecast acquired Code42, the maker of Incydr, to add insider risk management and endpoint-based data loss prevention to its cyber resilience platform. Incydr’s endpoint-based approach to detecting data exfiltration complements Mimecast’s email-centric DLP by covering file movement across all egress vectors, not just email. The acquisition reflects the industry trend of converging email security, DLP, and insider risk into unified platforms that protect against both external threats and internal data loss.
Customer Base and Go-to-Market
Mimecast serves over 42,000 customers globally, with particular strength in mid-market and upper mid-market organizations across financial services, healthcare, legal, and professional services. The company operates a hybrid go-to-market model with both direct sales and a robust channel partner ecosystem. Mimecast’s high customer retention rates reflect the platform’s deep integration into email infrastructure and the operational dependency that organizations develop on archiving and compliance capabilities.
Financial Performance
Prior to going private, Mimecast generated approximately $600 million in annual revenue. Under Permira’s ownership, the company has continued to invest in product expansion, AI-driven detection capabilities, and M&A to broaden its cyber resilience platform beyond its email security roots. The private ownership structure has enabled Mimecast to make long-term strategic investments without the quarterly earnings pressure of public markets.
Industry Outlook
The email security market continues to evolve as threat actors leverage generative AI to create more convincing phishing and BEC attacks that bypass traditional detection methods. Mimecast’s investment in AI-powered detection, combined with its expansion into insider risk through Code42, positions the company to address the converging threats of external email attacks and internal data loss. The broader trend of human risk management, integrating email security, DLP, and security awareness, aligns with Mimecast’s platform strategy.
Market Position
Mimecast competes in the secure email gateway market against Proofpoint (Thoma Bravo), Microsoft Defender for Office 365, Cisco Email Security, Barracuda, and newer API-based entrants like Abnormal Security and Material Security. Mimecast has been recognized as a Leader in the Gartner Magic Quadrant for Email Security and maintains a strong reputation for reliability, ease of administration, and customer satisfaction. The company’s broad platform spanning email security, archiving, DLP, brand protection, and awareness training provides a consolidation advantage for organizations looking to reduce point product sprawl.
Leadership
Marc van Zadelhoff serves as CEO, having previously been CEO of Devo Technology and GM of IBM Security. David Raissipour is Chief Technology and Product Officer. Jules Martin serves as Chief Financial Officer. Adam Marre is Chief Information Security Officer and Bryan Seedorf leads threat intelligence as VP.