Abnormal + Microsoft 365: The Perfect Match for Email Security

With more than 1.55 million organizations globally relying on Microsoft 365 for cloud-based email and productivity solutions, it’s no surprise that it’s one of the most popular targets for threat actors. And as the preferred method of communication for business, attacks on email are not ending anytime soon.

Fortunately, Abnormal Security and Microsoft have spent the last several years establishing a deep partnership to offer organizations comprehensive protection against the full spectrum of email attacks. Combining Microsoft’s threat intelligence-based approach and Abnormal’s precise, behavioral analysis-based protection ensures our customers can achieve full protection while streamlining their email security architecture and reducing their security team overhead.

But don’t just take our word for it. Below are quotes from real Abnormal customers about why they love Abnormal’s email security for Microsoft 365.

“We were impressed by Abnormal’s API model, the fact that we could set it up with a 30-minute call, and that it worked seamlessly with our Microsoft 365 environment.”
—Brian Nordmann, CIO, Dudek

“Having worked with other products in the past… the integration for Abnormal is night and day quicker and simpler. As they integrate directly into Office 365, there's no need to update MX records.”
—Sr. Systems Engineer, Manufacturing Industry

Unlike secure email gateways, the Abnormal platform connects directly with Microsoft 365 via one-click API integration, without any disruption to email flow. No changes to your email configuration or MX records are required, and there is no need to set custom policies.

Further, because SEGs are designed to be deployed at the perimeter, they have little to no visibility into east-west email communications. As a result, they are unable to identify and prevent account takeovers or lateral phishing attempts.

Abnormal’s cloud-native architecture and API integration with Microsoft 365, however, allow the platform to achieve full end-to-end visibility into both north-south external email flow as well as east-west internal email flow. This provides valuable insight into internal email patterns and contextual signals that are essential for better detection and remediation of modern attacks that often originate from the inside.

“After we deployed Abnormal Security…we immediately discovered Abnormal as a complement security tool in [conjunction] to Microsoft O365. It made a huge difference.”
—Squad Leader of Incident Response, IT Services Industry

“Abnormal has, at last, plugged the huge gap in email security that a traditional SEG hasn't been able to address. The old rule-based approach just wasn't working; Abnormal [has] truly plugged the gap using AI….Abnormal allows you to get value from your Office 365 investment by using the [built-in] email protection features in Office 365 and then [plugging] in Abnormal for the clever stuff on top."
—Head of Global Technology Services, Finance Industry

When an organization uses both a SEG and Microsoft’s native security functionality, they unfortunately aren’t increasing their protection—it’s a duplication of defenses. Often, depending on the vendor, this approach can actually render Microsoft’s built-in security less effective.

In contrast, Abnormal enhances Microsoft’s native security with machine learning and AI to offer high-accuracy attack detection and prevention. Rather than using a rules- and policies-based system that is triggered only by known indicators of compromise, Abnormal’s approach involves establishing baselines for known-good behavior and then recognizing anomalies. By understanding what is normal, Abnormal can block the malicious and unwanted emails that bypass other solutions.

“Abnormal Security's use of ML to automatically detect and remediate spam, phishing, and other malicious email threats significantly reduces my team's time responding to email-based threats. Before implementing Abnormal Security in our M365 environment, my team would spend several hours each morning manually responding to email threats. Now, Abnormal gives us this time back to focus on other incidents.”
—Austin A., Cybersecurity Engineer, Education Industry

“I was spending the majority of my time combing through emails and then releasing them. After bringing Abnormal into the fold, I've been able to free up, I'd say 75% of that time, and really focus on other aspects of cloud security. We've been able to partner with Microsoft and Abnormal to provide a very robust system for the employees to get their job done and, on top of that, stay secure.”
—Robert Woods, Cloud Computing Director, Kroenke Sports & Entertainment

One of the biggest challenges we hear from customers during initial conversations is that their security analysts are spending too much time writing transport rules to block malicious attacks and researching why legitimate emails were blocked. With Abnormal and Microsoft, organizations can consolidate email security for Microsoft 365 into a more simplified architecture—eliminating the need for manual configuration and constant refinement.

When Abnormal identifies a risky or malicious email, it automatically remediates the message and all others like it. Additionally, Abuse Mailbox Automation alleviates bottlenecks by streamlining the entire process of evaluating user-reported emails. When users report an email, Abnormal automatically inspects and judges it as malicious, safe, or spam. If an email is malicious, Abuse Mailbox intelligently locates and removes other unreported emails within the same campaign.

While email attacks will continue to increase in both volume and severity, they can be stopped with the right combination of solutions. If you want to be confident that your email security will stop these attacks before they reach employee inboxes, now is the time to partner with Abnormal and Microsoft.

See how industrial manufacturer Coats drove a 97% decrease in daily unsafe user engagements and saved 30 hours per week on inbox investigations with Abnormal and Microsoft. Watch the on-demand webinar.