Built by someone who watched attacks succeed.
InboxWatch was created by a SOC analyst who spent years watching real attacks work - not because security tools failed, but because they were looking in the wrong place.
Nicholas Papadam
Founder & CEO
Miami, Florida
“After watching a $2M wire fraud succeed because a simple forwarding rule went undetected for weeks, I built InboxWatch to catch what every other tool was missing.”
The attack nobody watches for
Traditional security tools monitor network endpoints and SIEM event streams. But the most damaging attacks happen inside email infrastructure itself. Hidden forwarding rules silently exfiltrate conversations for weeks before anyone notices.
The attack pattern we keep seeing
Adversaries compromise an email account, set hidden forwarding rules, and quietly siphon information for weeks. Traditional tools don't watch for this because they focus on endpoints, not email infrastructure.
We watch the infrastructure,
not the emails.
InboxWatch scans email infrastructure without ever reading email content. We inspect the settings, rules, and permissions where attackers actually hide.
Every detection maps to a real attack pattern observed during incident response at enterprise scale. No theoretical threats, no checkbox compliance. Just the things that actually matter.
Metadata only, always
- No permission to read email bodies
- Scans rules, filters, OAuth apps, and headers
- We literally cannot read your content
Built from real incidents
- Every detection maps to a real attack
- SOC-tested across Fortune 500 environments
- Continuously refined from incident response
Transparent by design
- OAuth scopes publicly documented
- Verify our permissions anytime
- We never request email body access
Verify our permissions yourself
We believe security tools should be transparent about what they access. Check exactly what InboxWatch can see in your account settings. No surprises, no hidden permissions.
You will see exactly which permissions InboxWatch requests. We only ask for metadata access, never email content. On Google, look for “Gmail settings (basic)” and “Gmail metadata.” On Microsoft, look for “Read mailbox settings” and “Read basic mail.”
Our journey
- Q1 2025Company founded
Built from years of SOC experience responding to email-based attacks
- Q3 2025Beta launch
First users onboarded with core scanning engine and detection suite
- Q4 20251,000+ scans completed
Detection engine refined with real-world findings across industries
- Q1 2026Public launch
Full platform available with Google and Microsoft 365 support
InboxWatch
A cybersecurity company focused on one thing: making sure attackers can't hide in your email infrastructure. InboxWatch is our flagship product, built from real SOC experience and continuously refined from live incident response.
Solo founder
Founded and built by Nicholas Papadam, a senior SOC analyst with 6+ years of Fortune 500 security operations experience.