Doppel Named Official Partner of the New York Knicks
Partnership to Showcase Doppel to Knicks Widespread Audience Through In-Arena, Digital and Out-Of-Home Assets
Software engineers control computers with natural language. Your security engineers should, too.

Cybersecurity is shifting quickly to counter sophisticated social engineering attacks. But security analysts are still buried under an abstraction layer that belongs in the past decade. Defending the inbox has meant engineers spending their days translating human intuition into regex, debugging order-of-operations in rule sprawl, and manual ticket routing.
Meanwhile, software engineering has completely changed. Developers no longer spend all their time writing boilerplate execution logic line by line. Instead, they use natural language prompts to guide coding agents that reason, generate code, and handle execution at scale.
It’s time for email security to undergo the exact same user experience (UX) transformation. Security engineers should control their defensive infrastructure using plain English, not spaghetti code and vendor support tickets.
To evaluate whether an enterprise email defense is genuinely AI-native, security leaders must move past the marketing noise and look at how a platform re-architects the day-to-day human workflow across three foundational vectors.
If a detection engine still primarily relies on security teams manually hardcoding YARA or Sigma rules, it’s fundamentally restricted by a legacy UX framework. While traditional heuristics and behavioral blackbox machine learning (ML) layers remain vital for filtering high-volume, known threat vectors, they function merely as preliminary filters rather than the ultimate decision-makers.
True AI-native detection is driven entirely by natural language policies. Just as software engineers rely on prompt-driven coding agents instead of manual syntax, security teams deserve an engine that reasons about message intent through human terms.
In a true natural language architecture, security teams define a policy rubric in plain, descriptive English:
"Flag any inbound message that claims to be from an executive requesting an urgent out-of-band operational task, such as a wire transfer or credential validation, particularly if the display name matches internal leadership but originates from an unverified external tenant."
Behind the scenes, the underlying system translates these parameters into semantic vectors and system prompts. Reasoning-based agents ingest the email’s complete payload, evaluating text intent, relationship context, and infrastructure metadata. The agents then triage threats based on those exact cognitive specifications. The engineer dictates the intent, and the system handles the execution logistics quickly.
When an email slips through a legacy architecture or triggers a false positive, the standard remediation process puts security teams into a lose-lose scenario:
Slapping a simple LLM wrapper on top of a perimeter filter fails to solve this friction. If the core engine isn't inherently built for natural language and reasoning, adding an AI feature to the perimeter won't eliminate manual rule tuning.
An AI-native approach flips this model by embedding reasoning directly into the feedback loop. The user experience shifts from debugging lines of script to having a peer-to-peer conversation with an autonomous agent.
![]()
In the same way that software engineers use autonomous agents to investigate bugs, provide root-cause analyses, and spin up pull requests automatically, security teams require that same agentic experience for email misses.
You update your guidelines in human terms, and then the agent reviews its own execution trace, identifies the semantic gap, and dynamically updates its knowledge base to prevent future variants instantly.
Deploying a true natural language interface poses a major infrastructure challenge: sustaining high-velocity reasoning amid massive email volumes without falling to latency or spiraling token costs.
Many self-proclaimed AI-native vendors fail here. Because they haven't solved the "tokenomics" problem of running large language models (LLMs) at scale, their core inbound detection pipelines lack native LLM capabilities entirely. Instead, they limit their AI tools to low-volume, post-delivery triage products while relying solely on traditional filters for the main inbound flow. This leaves a massive protection gap.
An enterprise-grade architecture solves this through an optimized tokenomics pipeline and has LLM capabilities across all detection paths and response workflows, not just the triage product.
Just as a human analyst would figure out how to short-circuit and protect AI spend during a live volume spike, an intelligent agentic orchestration layer manages context window allocation behind the scenes, ensuring engineers achieve natural-language precision without sacrificing operational velocity.
When threats evolve at machine speed, waiting on manual rule tuning or vendor retraining cycles is a losing game. But moving to a natural language defense introduces a new battlefield: prompt injection.
Because an AI-native engine interprets message intent, the email payload effectively becomes executable code. Attackers are already embedding hidden, adversarial instructions inside phishing lures designed specifically to trick AI agents into overriding their policy rubrics. A superficial LLM wrapper will completely fold under these tactics.
A truly AI-native architecture protects its reasoning layer by isolating untrusted email content from system prompts. This means that modern security leaders are no longer asking, “Can my inbox tool catch a known bad link?”
Now, the question is: “Is my security architecture resilient enough to out-reason adversarial prompts and defend itself autonomously?”