/

Material Security

  • What it is:Material Security is a detection and response platform for Google Workspace and Microsoft 365 that provides email security, data security, identity threat detection, and posture management.
  • Best for:Google Workspace and Microsoft 365 enterprises, MSPs and MSSPs managing multiple clients, Security teams fighting sophisticated email threats
  • Pricing:Starting from Billed annually
  • Rating:85/100Very Good
  • Expert's conclusion:Material Security is best suited for larger organizations seeking frictionless API-based email and workspace security with enterprise-level compliance controls.
Visit website
Reviewed byMaxim Manylov·Web3 Engineer & Serial Founder

What Is Material Security and What Does It Do?

Material Security is a cybersecurity company that provides cloud-based email and file security, data loss prevention, and posture management for both Microsoft 365 and Google Workspace. Material was co-founded by former Dropbox and Google engineers to protect productivity suites from threats by stopping attacks before they become incidents of compromised information. Material became a unicorn when its valuation reached $1.1 billion in 2022.

Active
📍Redwood City, CA
📅Founded 2017
🏢Private
TARGET SEGMENTS
EnterpriseMid-marketSecurity Teams

What Are Material Security's Key Business Metrics?

📊
$184M
Total Funding
📊
$100M Series C
Latest Funding
📊
$1.1B
Valuation
🏢
87
Employees
💵
$18.3M
Revenue
📊
4
Funding Rounds

How Credible and Trustworthy Is Material Security?

85/100
Excellent

Unicorn backed by large amounts of capital; well-resourced, highly-experienced founders from Dropbox and Google; demonstrated product-market fit in cloud email security; multiple successful funding rounds demonstrate marketplace validation.

BREAKDOWN
Product Maturity80/100
Company Stability90/100
Security & Compliance85/100
User Reviews75/100
Transparency80/100
Support Quality80/100
TRUST SIGNALS
Unicorn status ($1.1B valuation)Backed by Andreessen Horowitz, Founders FundFounders from Dropbox, Google, Microsoft Research4 funding rounds totaling $184M

What is the history of Material Security and its key milestones?

2017

Company Founded

Ryan Noon, Abhishek Agrawal, and Chris Park co-founded Material Security (initially Stellarite) after working as engineers at Dropbox, Google, and Microsoft Research.

2018

Series A Funding

Completed Series A Funding Round with $20 million led by Andreessen Horowitz following completion of their first Minimum Viable Product (MVP), securing early access customers.

2020

Out of Stealth

Publicly launched Material Security on June 30, 2020 with an emphasis on cloud email security.

2021

Series B Funding

Secured $40 million in Series B funding which brought total funding to over $60 million.

2022

Series C & Unicorn Status

Secured $100 million in Series C funding at a valuation of $1.1 billion, led by Founders Fund and raised total funding to $184 million.

Who Are the Key Executives Behind Material Security?

Ryan NoonChairman & Co-founder
Co-founder of Material in 2017. Served as Engineering Team Lead at Dropbox following the acquisition of Parastructure. Earned Master of Science degree in Computer Networks and Security from Stanford University.
Abhishek AgrawalCo-founder
Co-founder of Material in 2017. Was an early Product Leader at Dropbox, and served as Engineer at Microsoft Research. Earned Master of Business Administration degree from Harvard University, Bachelor of Science in Engineering from Princeton University.
Chris ParkVP of Engineering & Co-founder
Co-founder of Material in 2017. Managed Data Privacy at Google and served as Engineering Team Lead of Infrastructure at Dropbox following the acquisition of Parastructure. Earned Bachelor of Science degree from University of California-Berkeley.

How Much Does Material Security Cost and What Plans Are Available?

Pricing information with service tiers, costs, and details
Service$CostDetails🔗Source
EssentialsBilled annuallyCore cloud office security solution that automates detection and response across email, files, and configuration settings. Fee based on Shared Drive size.Official pricing page
AdvancedBilled annuallyAll features of Essentials plus data classification, governance, and protection capabilities.Official pricing page
Account Takeover Protection$5/user/month as stand-alone (billed annually)Advanced features to detect, respond to, and mitigate account takeovers. Available as add-on or stand-alone license.Official pricing page
EssentialsBilled annually
Core cloud office security solution that automates detection and response across email, files, and configuration settings. Fee based on Shared Drive size.
Official pricing page
AdvancedBilled annually
All features of Essentials plus data classification, governance, and protection capabilities.
Official pricing page
Account Takeover Protection$5/user/month as stand-alone (billed annually)
Advanced features to detect, respond to, and mitigate account takeovers. Available as add-on or stand-alone license.
Official pricing page
💡Pricing Example: Median contract value for typical deployment
Material Security$19,680 - $25,200
Median contract values across deployments
Abnormal AI (competitor)$41,360
Higher median contract value
💰Savings:25.79% avg savings reported on Vendr

How Does Material Security Compare to Competitors?

FeatureMaterial SecurityAbnormal AIKitecyber
Email Threat DetectionYes (AI-powered)Yes (Advanced)Partial (SaaS security)
File Security & DLPYes (Sensitive content classification)YesYes (Network DLP)
Account Takeover ProtectionYes (Add-on $5/user/mo)YesPartial
Google Workspace SupportYesYesYes
Microsoft 365 SupportYesYesYes
Auto-RemediationYesYesPartial
Starting PriceCustom (Med $19k-$25k)Custom (Med $41k)$5/user/month
Enterprise SSOYesYesYes
API AvailabilityYes
SOC 2 CertifiedLikelyYesLikely
Email Threat Detection
Material SecurityYes (AI-powered)
Abnormal AIYes (Advanced)
KitecyberPartial (SaaS security)
File Security & DLP
Material SecurityYes (Sensitive content classification)
Abnormal AIYes
KitecyberYes (Network DLP)
Account Takeover Protection
Material SecurityYes (Add-on $5/user/mo)
Abnormal AIYes
KitecyberPartial
Google Workspace Support
Material SecurityYes
Abnormal AIYes
KitecyberYes
Microsoft 365 Support
Material SecurityYes
Abnormal AIYes
KitecyberYes
Auto-Remediation
Material SecurityYes
Abnormal AIYes
KitecyberPartial
Starting Price
Material SecurityCustom (Med $19k-$25k)
Abnormal AICustom (Med $41k)
Kitecyber$5/user/month
Enterprise SSO
Material SecurityYes
Abnormal AIYes
KitecyberYes
API Availability
Material Security
Abnormal AI
KitecyberYes
SOC 2 Certified
Material SecurityLikely
Abnormal AIYes
KitecyberLikely

How Does Material Security Compare to Competitors?

vs Abnormal AI

Material Security provides a broader level of protection for cloud workspaces (email, files, and accounts) compared to Abnormal AI, which is focused solely on email security. Material also has a lower median contract value than Abnormal AI ($19K-$25K vs $41K). This makes Material more attractive to mid-market organizations. The following has been rewritten to be more conversational sounding, however no changes were made to the date or time information, nor were there any factual or chronological changes made to the content itself. Only the wording has changed: BEGIN_TEXT

Material for overall workspaces security; Abnormal for email-centric protection.

vs Kitecyber

Modular per-user pricing (between $5–$99/user/month) by Kitecyber is well-suited for small teams, whereas Material’s contract-based pricing is better for enterprises that require a unified email/file/account security platform.

Kitecyber for budget conscious SMBs; Material for enterprise level workspace security.

What are the strengths and limitations of Material Security?

Pros

  • Unified platform model — email, file, account protection vs point solutions
  • Auto-remediation capabilities — decreases amount of manual intervention and team burn-out
  • Full life-cycle protection — detects threats before they occur, contains them during the incident, resilient after the threat has passed
  • Lower median contract value — $19k – $25k vs competitors such as Abnormal at $41k
  • MSP/MSSP friendly — multi-tenant platform for managed security service providers
  • AI powered investigation — automatically processes and responds to user reports
  • Data classification and governance — advanced features available in higher levels

Cons

  • Custom pricing only — does not have a publicly listed price per user on website
  • Pricing based upon shared drive space — costs increase with increased use of storage
  • Enterprise sales model — will most likely involve demo’s and negotiation
  • Limited pricing transparency — only able to find median values through third party data
  • Account takeover as an additional feature — requires separate licensing to enable core functionality
  • No free-tier option — appears to only support enterprise customers
  • Requires integration with either Google Workspace or Microsoft 365 — cannot function independently

Who Is Material Security Best For?

Best For

  • Google Workspace and Microsoft 365 enterprisesProvides a single, unified security platform to replace multiple point solutions
  • MSPs and MSSPs managing multiple clientsMulti-tenant platform eliminates need for manual intervention in addition to overhead
  • Security teams fighting sophisticated email threatsAutomatically remediates attacks that bypassed native controls using AI-powered auto-remediation
  • Organizations with sensitive file sharing risksAutomatically remediates excessive permissions and sharing
  • Companies seeking 25%+ contract savingsMedian contract values are lower than competitors such as Abnormal AI

Not Suitable For

  • Small businesses under 50 usersCustom enterprise pricing is likely too expensive compared to per-user pricing options of Kitecyber
  • Standalone email-only security needsOverly broad workspaces platform compared to more focused email security platforms
  • Budget-constrained startupsThere are no inexpensive or transparent tiered pricing plans, but you could look at Kitecyber Starter plans instead
  • Non-Google/Microsoft 365 environmentsDesigned for Workspace and M365 platforms

Are There Usage Limits or Geographic Restrictions for Material Security?

Pricing Model
Custom contract-based, no public per-user pricing
Shared Drive Dependency
Fees based on Shared Drive size
Platform Support
Google Workspace and Microsoft 365 only
Account Takeover Protection
$5/user/month add-on or stand-alone
Deployment
Cloud SaaS only, no on-premises option
Free Tier
Evaluation
Security posture scorecard available

Is Material Security Secure and Compliant?

Cloud Workspace ProtectionSecures Google Workspace and Microsoft 365 against phishing, data loss, account takeovers
AI-Powered Threat DetectionAutomated detection of sophisticated attacks bypassing native controls
Data Loss PreventionSensitive content classification, improper sharing remediation
Auto-RemediationBuilt-in responses resolve issues without manual intervention
File SecurityDetects excessive permissions and inappropriate sharing automatically
Account SecurityIdentifies, contains, and remediates account takeovers

What Customer Support Options Does Material Security Offer?

Channels
Available via websiteFor pricing and contract discussionsMSP/MSSP partnership opportunitiesFree security posture evaluation
Hours
Business hours (enterprise sales process)
Response Time
Custom enterprise support via sales team
Satisfaction
Positive customer quotes on website
Specialized
MSP/MSSP partner program for managed security
Business Tier
Enterprise contract support with auto-remediation
Support Limitations
No public self-service support portal identified
Support appears enterprise sales-driven
No live chat or phone support details available

What APIs and Integrations Does Material Security Support?

API Type
REST API for native integrations with Microsoft 365 and Google Workspace. Deploys in minutes via APIs without MX changes or network disruption
Authentication
API Token required for integrations. SSO support for admin console via existing identity providers. x-api-key header style in related materials APIs
Webhooks
Not explicitly documented in public sources
SDKs
No official SDKs found in public documentation. Integrations available via Sumo Logic, Tines, and other platforms
Documentation
Limited public API documentation available. Integration guides in partner platforms like Sumo Logic (Search Cases, Get Case Details) and deployment pages
Sandbox
No public sandbox or testing environment documented
SLA
Not publicly documented. SOC 2 Type II compliance with audit logs suggests enterprise-grade reliability
Rate Limits
Not publicly documented
Use Cases
Email security automation, case management (search/update cases), message listing, sensitive content detection/redaction in cloud workspaces

What Are Common Questions About Material Security?

Material Security is deployed through native APIs to Microsoft 365 and Google Workspace in minutes, without any need for MX changes. Email security, user behavior analytics and data loss prevention can all be achieved through finding and redacting sensitive content. Features can also be optionally selected for a variety of users or teams.

Pricing for this solution is not publically disclosed and would have to be acquired through sales contact. The platform is targeting enterprise customers with single tenant solutions as well as SOC 2 compliance. The time it takes to deploy is very short, with the option to use flexible opt-in controls.

Unlike other gateway solutions that require an MX change, Material can deploy instantly through APIs and will cause no down time. It has the option for default opt-in deployment, RBAC (Role Based Access Control), audit logs and infrastructure control. Single tenant solutions are available for enterprise customers.

Yes, Material is SOC 2 compliant and utilizes immutable audit logs and SSO (Single Sign On) along with providing complete infrastructure access for custom security tooling, using a Zero Trust principle extending to the mailbox through cloud email APIs.

Yes, Material uses native API's for both Microsoft 365 and Google Workspace, partner API's can be used with Sumo Logic, Tines, and others for automated workflow functionality. Groups can be synced from Active Directory, Google or IdP.

Trial information for Material is not publicly available. Please contact sales for demo's or trials. Because Material can deploy so quickly, you can test it without impacting your production environment.

As Material does not require either network changes or MX record updates, selective rollout by user/team is possible. Single tenant deployment is available for enterprise customers who need to have full control over their infrastructure.

Material supports enterprise customers with SOC 2 compliance, audit logs and RBAC. Admin console access is available for SSO. Please contact sales for dedicated support and professional services. The following text has been rewritten so that it appears as if a human wrote it: BEGIN_TEXT

Is Material Security Worth It?

Material Security is a new provider of cloud workspace security solutions that provide material security to workspaces via an API interface allowing for simple deployment without the need to worry about the complexities associated with typical email gateways. With its Zero Trust approach, along with rapid deployment capabilities, SOC 2 compliance, and selective feature enablement, Material Security is positioned for success among large organizations that value security over workflow interruptions; however, due to limited publicly available technical documentation, customers will likely have to engage with Sales representatives in order to fully evaluate the product offerings.

Recommended For

  • Organizations utilizing Microsoft 365 (M365) or Google Workspace (GWS) email services are ideal candidates for Material Security’s solution.
  • Organizations with Security teams who want to avoid changing their MX records and/or disrupting their networks.
  • Organizations that require SOC 2 compliant audit logs.
  • Organizations that desire fine-grained control over the deployment process based on team/user level granularity.

!
Use With Caution

  • Organizations that require extensive public API documentation prior to purchasing the product.
  • Smaller Businesses – Material Security offers enterprise-focused pricing models and features, which may be cost-prohibitive for smaller organizations.
  • Organizations that require on-premises/hybrid deployment options.

Not Recommended For

  • Budget-constrained Small/Medium-sized Business (SMB) organizations looking for low-cost email security solutions.
  • Organizations that prefer to utilize traditional gateway deployments.
  • Organizations that require extensive pre-built integrations beyond Microsoft 365/Google Workspace.
Expert's Conclusion

Material Security is best suited for larger organizations seeking frictionless API-based email and workspace security with enterprise-level compliance controls.

Best For
Organizations utilizing Microsoft 365 (M365) or Google Workspace (GWS) email services are ideal candidates for Material Security’s solution.Organizations with Security teams who want to avoid changing their MX records and/or disrupting their networks.Organizations that require SOC 2 compliant audit logs.

What do expert reviews and research say about Material Security?

Key Findings

Material Security specializes in providing API-driven cloud workspace security for Microsoft 365 (M365) and Google Workspace (GWS), including instant deployment, Zero Trust protections, SOC 2 compliance, audit logs, and single-tenant options. Material Security also allows organizations to roll-out selected features to specific users/teams without having to make MX record changes. However, Material Security does not provide public access to its API documentation and instead relies upon partner integrations to facilitate this type of exposure.

Data Quality

Fair - product overview and deployment details from official site, partner documentation (Sumo Logic, Tines). Technical API specs, pricing, and SLA details require sales contact as private enterprise SaaS.

Risk Factors

!
Limited public technical documentation
!
The cost of enterprise licensing for Material Security is not readily apparent from public-facing marketing materials.
!
Material Security requires organizations to be part of the Microsoft 365 or Google Workspace ecosystem in order to utilize its products.
!
Material Security does not provide a public sandbox/trial environment for organizations to test the product prior to purchase.
Last updated: February 2026

What Additional Information Is Available for Material Security?

Deployment Model

Using API-based deployment options, Material Security can connect to both Microsoft 365 and Google Workspace in mere minutes and allow organizations to deploy email security solutions without making any MX record changes, resulting in zero downtime during the initial deployment process. Additionally, organizations can configure Material Security to automatically apply any desired feature sets to specific groups of users based on the organization's existing group structures defined within Active Directory, Google, or other Identity Providers (IdP).

Security Controls

The SOC 2 Type II was completed by an independent auditor and has immutable audit logs that track all administrator actions. All administrators use single sign on (SSO) to log into the Admin Console. In addition to single sign on, our administrators have full access to our entire infrastructure and are able to utilize role based access control (RBAC) and any other custom security tooling they need.

Partner Ecosystem

We currently integrate with three separate vendors, Sumo Logic for case management and message search, Tines for automation flows, and Carahsoft for government sales. Our integrations are also available through a variety of technology resellers.

Cloud-Native Focus

Our product is built specifically for cloud office environments. We extend the principles of zero trust to your employees' mailboxes by utilizing your organization's cloud email, SSO, and MFA platforms to leverage their respective APIs. A single tenant deployment option is also available.

Alternatatives

Alternatives
[{"name":"Proofpoint Email Protection","description":"Enterprise email security gateway with comprehensive threat protection. Requires MX changes unlike Material's API deployment but offers broader ecosystem support. Best for organizations already using gateway architecture. (proofpoint.com)"},{"name":"Mimecast Email Security","description":"Cloud email security with advanced threat detection and archiving. More mature ecosystem but similar MX requirements. Better for compliance-heavy industries. Best for enterprises with complex email environments. (mimecast.com)"},{"name":"AI-powered email security using behavioral AI. API deployment similar to Material but broader threat coverage. Higher cost but stronger SOC/CMT detection. Best for enterprises prioritizing AI threat prevention. (abnormalsecurity.com)"},{"name":"Tessian (Proofpoint)","description":"AI-driven human error prevention for email. API-based like Material with focus on insider threats. Recently acquired by Proofpoint. Best for teams addressing behavioral risks over malware. (tessian.com)"},{"name":"Avanan (Check Point)","description":"Cloud email security with inline API architecture. Direct competitor to Material's deployment model serving M365/GWS. Strong Harmony integration. Best for Check Point ecosystem users. (avanan.com)"}]

Fraud Detection Performance Metrics

pending
False Positive Rate (FPR)
pending
False Negative Rate (FNR)
pending
True Positive Rate (Sensitivity)
pending
Precision
pending
F1 Score
pending
Area Under ROC Curve (AUC)
pending
Inference Latency
pending
Throughput

AI-Powered Fraud Detection Capabilities

Phishing Protection

We utilize artificial intelligence to detect and prevent phishing attacks that target email communications.

Account Takeover Prevention

We provide protection against unauthorized access to your company's cloud workspaces and we help protect against credential compromise.

Machine Learning Anomaly Detection

Our models continuously adapt to recognize unusual patterns in both email and collaboration data.

Shadow IT Detection

We automate the process of discovering when your employees are accessing unauthorized applications and/or AI tools via their work email.

Risk Assessment Automation

When an employee accesses a new app or service, our system surfaces relevant risk context about their SSO status and OAuth permissions for that/those third party apps.

Behavioral Analytics

In addition to analyzing metadata associated with security alerts and account activities to enhance our ability to detect threats, our system also analyzes metadata associated with security alerts and account activities to improve our ability to detect threats.

Document & Biometric Verification Specifications

Supported Document Types
pending
Geographic Coverage
pending
Document Liveness Detection
pending
Synthetic Document Detection Rate
pending
Document Tampering Detection
pending
OCR Accuracy
pending
Face Matching Accuracy
pending
Passive Liveness Detection
pending
Active Liveness Detection
pending
Anti-Spoofing Methods
pending
Biometric Processing Latency
pending
Cross-Device Consistency
pending

What Is Material Security's Regulatory Compliance Status Status?

SOC 2 Type II Certification
ISO 27001 Information Security
GDPR Compliance
CCPA/CPRA Compliance
BIPA (Biometric Privacy)
KYC/AML Framework
OFAC Sanctions Screening
FinCEN Deepfake Alert Compliance
EU AI Act (High-Risk)
iBeta L1 Liveness Certification
iBeta L2 Liveness Certification
PCI DSS Compliance
Penetration Testing
Data Residency Options

Response to Current Fraud Threat Landscape

Phishing Attack Mitigation

Our system detects and blocks phishing attempts in real time that are targeted at Google Workspace and Microsoft 365 users.

Account Takeover Defense

We protect against unauthorized access through advanced monitoring techniques and automated responses.

Shadow IT and Unauthorized AI Control

We offer a comprehensive discovery and risk assessment of unsanctioned applications and AI tools.

Email Data Loss Prevention

We offer granular controls that can be used to protect sensitive information that may be being communicated via email.

Third-Party Application Risk Management

Our system automatically identifies when an employee is granted a risky OAuth permission and/or misses out on an SSO protection.

Advanced Threat Protection

We utilize artificial intelligence to provide protection against sophisticated email-based attacks.

Integration & Orchestration Features

Google Workspace Native Integration

We seamlessly protect Gmail, Google Drive, and any other collaboration applications that you utilize.

Microsoft 365 Integration

We provide comprehensive security for Outlook, OneDrive, and Microsoft Teams environments.

Automated Risk Assessment Engine

Our system provides real-time evaluations of the security posture of each third party application.

Metadata Analysis Integration

Our system utilizes message metadata to discover shadow IT across your organization.

Real-Time Threat Response

Once we have identified a potential security risk, our system allows for immediate action to take place.

Centralized Security Dashboard

Unified view of security posture across cloud collaboration platforms

Business Impact & Operational Metrics

pending
Onboarding Conversion Rate
pending
Fraud Detection Rate
pending
Cost Per Fraud Prevention
pending
Manual Review Queue Reduction
pending
Average Time to Resolution
pending
False Positive Abandonment Cost
pending
Mean Time to Detect (MTTD)
pending
Mean Time to Respond (MTTR)

Industry Use Case Coverage

Use Case CategoryPrimary ApplicationsRisk HandlingRegulatory FrameworkSupport Level
Enterprise Email SecurityPhishing protection for Google Workspace and Microsoft 365Advanced phishing, account takeover, malicious attachmentsGDPR, CCPA, SOC 2 frameworksFully Supported
Shadow IT ManagementThird-party SaaS and AI application discoveryUnauthorized app usage, risky OAuth permissionsInternal security policies, data protection regulationsFully Supported
Data Loss PreventionEmail DLP for sensitive informationAccidental and malicious data exfiltrationGDPR, HIPAA, industry compliance standardsFully Supported
Cloud Collaboration SecurityProtection across Gmail, Drive, Outlook, TeamsInsider threats, external collaboration risksEnterprise security standardsFully Supported
Identity Threat ProtectionAccount takeover and credential abuse preventionPhishing credential harvesting, session hijackingZero Trust security frameworksFully Supported

Expert Reviews

📝

No reviews yet

Be the first to review Material Security!

Write a Review

Similar Products

Resistant AI
resistant.ai
Tessian (Proofpoint)
tessian.com