A Year With CrowdStrike: Empowering Defenses and Driving Change

Discover the biggest milestones achieved in the first year of the Abnormal and CrowdStrike partnership and how we are helping joint customers improve their security posture with AI-powered technology.
March 29, 2024

A year ago, we launched a strategic partnership with CrowdStrike, aiming to enhance protection against email and endpoint attacks for our shared customers. This integration has proven to be highly beneficial, delivering comprehensive security, reduced cost, improved operational efficiency, and enhanced threat detection capabilities. Let's reflect on some of the biggest milestones achieved in the first year of this partnership.

The Evolution of Email + Endpoint Threats

Email and endpoint devices are prime targets for cybercriminals, leading to significant financial and reputational damage for organizations. Just one attack type—socially-engineered business email compromise attacks—has accounted for over $54B in exposed losses since 2013, with nearly $3 billion in actual losses last year alone, according to the 2023 IC3 Report.

Attackers are continually evolving their tactics, launching sophisticated, socially-engineered email attacks and account takeovers that often go undetected by traditional security measures. In the last year, this has been exacerbated by attackers using Generative AI to scale hyper-personalized attacks, uniquely taking advantage of human trust in digital communication.

Security teams also face challenges due to fragmented solutions that lack integration, forcing them to manually analyze thousands of alerts with disjointed security data or attempt to integrate systems themselves. It can take hours of focused work to normalize data between security tools before an analyst can even make thoughtful discoveries about indicators of attack. Not only does this take time, but this tangential work distracts analysts from their core mission of defending the organization.

Comprehensive Protection with Abnormal + CrowdStrike

To address this issue, Abnormal and CrowdStrike formed a bi-directional integration offering two key components:

  • Data integration to normalize information, with shared threat and attack data between consoles, for quick access to necessary information when and where it is needed.

  • Connected detection and response for compromised accounts and ongoing attacks impacting email platforms and endpoints.

The initial integration was created between Abnormal’s Email Account Takeover Protection and CrowdStrike’s Identity Threat Protection products to help security teams correlate meaningful events across identity, endpoint, and email solutions and respond quickly to incidents in progress. Security teams quickly saw value in the bi-directional integration, improving investigation speed and attack response time.

This partnership is unique in that Abnormal and CrowdStrike both leverage the power of machine learning to flag anomaly detections based on normal behavioral patterns, which enables the detection of more sophisticated attacks, including those generated by AI. Abnormal’s human behavior AI adds deep understanding to each individual associated with an organization, whether internal or a third-party vendor, and uses that business context to determine anomalous and malicious activity. This understanding enriches case timelines to give an analyst a more complete picture of ongoing attacks.

Enhanced Detection with Falcon Insight XDR Integration

Last November, we continued to build on this partnership ‌by launching a new XDR integration—Abnormal Security Data Ingestion for CrowdStrike Falcon Insight XDR. This integration allows teams to easily consolidate email attacks, account takeovers, and identity-based incidents into comprehensive views in order to quickly detect and respond to threats. Joint customers have benefited greatly from this integration, saving hours of internal security teams’ time and allowing them to focus on more pressing concerns.

Our Customers Are Seeing the Difference

In the past year, customers have seen the difference in their security posture as a result of the Abnormal and CrowdStrike partnership.

“The enhanced, integrated offerings from CrowdStrike and Abnormal further strengthen our security infrastructure and quickly orchestrate responses. These solutions provide enhanced protection for our organization as well as significant time savings and process efficiencies.” —Drew Robertson, Chief Information Security Officer, Finance of America Companies
“The Falcon platform has become the center of gravity for the critical security data needed to stop breaches. The partnership with Abnormal and CrowdStrike delivers industry-leading AI-powered protection to a growing number of customers. The powerful combination of the AI-native innovations of the Falcon platform and the human-behavior AI of Abnormal’s Email Account Takeover Protection delivers the high-fidelity detections that organizations need to detect and stop sophisticated attacks.”
– Amanda Adams, VP Americas Alliances, CrowdStrike

What’s Next

Looking forward, Abnormal and CrowdStrike will continue our joint focus to protect customers and make life easier for security analysts. The problems and pains for security teams aren’t going to dissipate. Endpoints and email will continue to be significant attack surfaces, and threats targeting employees will grow and evolve. Analysts will still have too many alerts from disparate tools. We’re working to do our part to streamline processes and alleviate manual efforts where we can.

Together, we will continue to provide high-fidelity alerts and information with context and correlation to help security analysts separate signals from noise - making more informed decisions to protect their businesses.

Interested in learning more about how Abnormal + CrowdStrike can improve your security posture? Schedule a Demo today!

A Year With CrowdStrike: Empowering Defenses and Driving Change

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

Integrates Insights Reporting 09 08 22

Related Posts

Social Images for next Cyber Savvy Blog
Explore how Alex Green, the CISO of Delta Dental, safeguards over 80 million customers against modern cyber threats, and gain valuable insights into the cybersecurity landscape.
Read More
B Images for EDB Blog from Sanjay
Abnormal is excited to announce the establishment of a strategic partnership with the Singapore Economic Development Board (EDB).
Read More
B Automotive Data Blog
Research reveals the automotive industry has become a popular target for business email compromise and vendor email compromise attacks. Learn why.
Read More
B QR Code Phishing Blog
QR code phishing is the newest iteration of phishing. Learn about the latest malicious initiative designed to evade organizational security measures and manipulate targets.
Read More
B Integrations
Discover how Abnormal's innovative platform integrations are providing customers with enhanced threat detection, efficient incident response, and more.
Read More
B Threat Hijacking Multi Persona Attacks Blog
Discover how threat actors are creating more sophisticated attacks utilizing lookalike domains and new personas, and learn how Abnormal can detect these attacks.
Read More