Email Threat Intelligence for M365 & Google Workspace

Self-hosted platform that learns from your users' behavior to build domain reputation, detect phishing campaigns, extract IOCs, and train users on real attacks. No external feeds. No outbound traffic.

GCC High native · FIPS-approved algorithms · Air-gap capable · Deploy in 2 minutes

Request Access See All Features

Microsoft 365GCC HighGoogle WorkspaceFIPS-Ready

What Cupelon Does

Your users are the threat intelligence feed. Cupelon observes their native behavior to protect the entire organization.

Domain Reputation Tracking

Crowdsourced intelligence from your own users. Cupelon learns which senders are trusted and which are threats — no external feeds required.

IOC Extraction

Automatically extract indicators of compromise from flagged emails and correlate threats across sender domains.

Contextual Warning Banners

Color-coded warning banners injected directly into emails based on reputation and threat analysis. Applied retroactively when threat levels change.

Inline Phishing Training

Educational panels injected into real phishing attempts at the point of attack. No simulations — users learn from actual threats they receive.

Lookalike Domain Detection

Algorithmic detection of impersonation domains. No blocklists to maintain — catches zero-day lookalike domains instantly.

M365 & Google Workspace

Native support for Microsoft 365 (commercial and GCC High) and Google Workspace. Deploy for one platform or both.

Alerting & Notifications

Configurable alert rules delivered to Microsoft Teams, email, and Google Chat with built-in cooldowns to prevent alert fatigue.

Zero Outbound Traffic

All processing stays within your network boundary. No telemetry, no phone-home. Air-gap deployment supported.

CMMC & CUI Ready

FIPS-approved algorithms, certificate-based authentication, role-based access control, audit logging, and configurable data retention. Built for regulated environments.

Customizable Templates

Full control over warning banner appearance. Customize per threat level with your organization's branding and messaging.

Campaign Detection

Automatically clusters related phishing messages that use slightly modified templates, revealing coordinated campaigns across your organization.

Auto-Updates

Automatic updates with zero-downtime restarts. Air-gap environments update via offline image transfer.

Learn more about features →

How It Works

Choose Your Plan

Pick a tier and seat count. Transparent sliding-scale pricing with no hidden fees.

Get Your License

Receive your license key and install token instantly. Annual plans get a 30-day provisional license while payment clears.

Deploy in 2 Minutes

Run one command on your server. Auto-HTTPS and auto-updates included out of the box.

Why Cupelon

A supplementary threat intelligence layer that works alongside your existing email security — adding capabilities most solutions don't offer.

Self-Hosted & Air-Gapped

Your data never leaves your network. No SaaS dependency, no outbound telemetry, no third-party access to your emails.

No MX Record Changes

Cupelon integrates via API — no mail flow disruption, no DNS changes, no proxy routing.

GCC High Native

Built for government and regulated environments from day one. FIPS-approved algorithms and certificate auth throughout. Not a compliance wrapper bolted on.

Deploy in 2 Minutes

One command to install with auto-HTTPS and auto-updates. No professional services required.

Transparent Per-Seat Pricing

No enterprise minimums, no hidden platform fees, no per-mailbox scanning surcharges. Price scales with your seat count.

Supplementary Intelligence Layer

Works alongside your existing email security stack. Adds domain reputation, phishing training, and IOC extraction on top of what you already have.

Turn Every Phishing Attempt Into a Teachable Moment

Stop sending fake phishing emails. Cupelon analyzes real attacks and injects educational training panels directly into suspicious messages — teaching users at the point of attack.

Users learn from the actual threats they receive — not simulated ones they learn to ignore. No separate training portal. No per-user simulation fees.

Learn about inline training →

Phishing Training — Suspicious Email

Multiple warning signals detected

Link Mismatch: Display text doesn't match the actual destination

Urgency Language: Pressure tactics detected in message body

Poor Reputation: Other users in your org flagged this sender

New Sender: This domain was first seen recently

Auth Failure: Email authentication check failed

One Command. Two Minutes.

Self-hosted deployment with auto-HTTPS and auto-updates out of the box. No professional services required.

$ curl -sL https://install.cupelon.com/setup | sudo bash

Ubuntu 22.04+, Debian 11+, RHEL 8+ · 2 CPU / 4 GB RAM minimum · Air-gap install available

Start Free with Cupelon Community

Enterprise-grade threat intelligence at no cost. Get Cupelon Score threat scoring, domain reputation data, and campaign cluster detection — powered by crowd-sourced intelligence from the Cupelon network.

Request Access

Ready to Get Started?

Cupelon is currently in limited release. Request early access and we will reach out when your account is ready.

Request Access Security & Compliance