IRONSCALES Launches Three AI Agents to Help Security Teams Outsmart Bad Actors and Agentic Cybercrime in the Era of Phishing 3.0

• IRONSCALES AI Agents enable the shift from reactive to preemptive cybersecurity as 88% of organizations report falling victim to AI-powered attacks within the past 12 months.
• The Winter 2026 Release features built-in email encryption for outbound data protection and expanded Teams deepfake defense.

IRONSCALES, the AI-powered email security platform protecting 17,000+ global organizations, today announced its Winter 2026 Release. At the heart of the release is a new agentic architecture purpose-built for today’s AI-powered threat landscape. The release introduces three specialized AI agents: Red Teaming, Phishing SOC, and Phishing Simulation. Collectively, these agents help shift email security from reactive to preemptive. The Winter Release also includes fully-integrated email encryption for outbound data protection, as well as enhancements to the company's industry-first deepfake protection for Microsoft Teams.

Additionally, the company has bolstered its leadership team with key new hires as part of a strategic investment in its product innovation and development. Steven Malone, a cybersecurity and B2B SaaS veteran, is joining IRONSCALES as Chief Strategy Officer. Amit Bluman, with 20+ years of experience in cybersecurity, data, analytics, AI, and product leadership, is joining as Senior Vice President of Research & Development.

The impetus behind these latest innovations is clear—the threat landscape has entered an entirely new era, and legacy systems are failing to keep up. A recent study from Osterman Research found that 88% of organizations experienced at least one security incident in the past 12 months that undermined trust in digital communications. More than 80% report heightened attacker interest in exploiting trusted channels. And nearly one in five security leaders say awareness training alone is no longer effective against AI-enhanced threats.

“Phishing 3.0 is flawless impersonation at scale. Attackers use AI to research organizations, craft personalized lures, and bypass pattern-based detection on the first attempt. No malicious payloads, just pure social engineering,” said IRONSCALES CEO Eyal Benishti. “Legacy solutions weren't built for this. But our new agents enable the shift from reactive to preemptive email security, allowing CISOs and their teams to stay ahead."

Three Defensive Agents, One Unified Preemptive Front

IRONSCALES AI Agents are designed to work together, creating a system of defenses that anticipates, investigates, and prepares, shifting email security from reactive to preemptive.

• Red Teaming Agent performs the same OSINT reconnaissance your attackers do, scanning social media, press releases, and job postings to map your exposure. It then uses those findings to harden detection before a real attack arrives. Most threat intelligence protects against attacks someone else has already received. The Red Teaming Agent trains your defenses on attacks designed specifically for your organization.
• Phishing SOC Agent delivers L2 analyst-level forensic investigation of suspicious emails in minutes. When an executive escalation or sophisticated vendor impersonation demands more than a confidence score, it produces a complete Security Assessment with verdict, evidence, and reasoning, without pulling your team off other work.
• Phishing Simulation Agent generates hyper-personalized simulations using real OSINT data — scoring each employee's vulnerability, then building targeted attacks in their native language based on what an adversary would actually send. Generic templates test whether employees can spot fake emails. This trains them for the real thing.

“Security teams are stretched thin," said Audian Paxson, Principal Technical Strategist at IRONSCALES. "The Osterman data confirms what CISOs already know: the threat has outpaced the tooling. These agents don't replace your team - they augment what your team can do. You get preemptive threat modeling, forensic-depth investigation on demand, and simulations calibrated to the actual attacks targeting your people. No additional headcount required."

Outbound Coverage: Email Encryption

The Winter 2026 Release also introduces integrated email encryption, extending platform protection to outbound email. Adaptive AI reads the context of outbound messages and applies encryption surgically through two modes: policy-based encryption that automatically protects sensitive and regulated content, and user-initiated encryption for high-stakes workflows. Security teams gain centralized management. GRC and compliance teams gain audit-ready controls that don't depend on employees remembering to act. MSPs gain a single-platform story that combines inbound threat defense with outbound compliance-aligned protection.

Deepfake Protection: Smarter and Easier

IRONSCALES became the only email security vendor with integrated deepfake protection for Microsoft Teams when it launched the capability in 2025. The Winter 2026 Release advances it in two important ways.

• Enhanced voice detection extends the platform's biometric analysis beyond visual identity. The system now learns employee voice patterns from normal meeting participation, then flags impersonation attempts even when cameras are off. Most deepfake point tools rely solely on artifact detection to identify manipulated media - a model that struggles as generation quality improves. IRONSCALES layers behavioral and biometric analysis on top of identity verification, covering the full attack chain from email to account takeover to real-time meeting impersonation.
• Automatic profile learning makes deployment effortless at any scale.. Protected identity profiles now build passively as employees participate in Teams meetings - no manual photo uploads, no IT tickets, no pre-enrollment campaigns. The system learns what it needs from ordinary meeting activity, and manual uploads remain available for customers who want to accelerate the process.

"The biggest question we heard from customers about deepfake protection was, 'how do I actually roll this out at scale?'" said Benishti. "Automatic profile learning answers that. Your employees don't have to do anything different. The system learns as they work."

To learn more about the Winter 2026 Release features, click here, or book a live demo with an IRONSCALES expert today.

About IRONSCALES

IRONSCALES is the leader in AI-powered email security protecting over 17,000+ global organizations from advanced phishing threats. As the pioneer of adaptive AI, we detect and remediate attacks like business email compromise (BEC), account takeovers (ATO), and zero-days that other solutions miss. By combining the power of AI and continuous human insights, we safeguard inboxes, unburden IT teams, and turn employees into a vital part of cyber defense across enterprises and managed service providers. IRONSCALES is headquartered in Atlanta, Georgia. To learn more, visit www.ironscales.com or follow us on LinkedIn.

Media Contact:
Douglas De Orchis
Scratch Marketing + Media for IRONSCALES
ironscales@scratchmm.com