Engineering Blog - Abnormal Security


Re-Scoring an ML Detection Engine on Past Attacks (part 2)

Check out Justin Young’s latest Medium blog. Read the full blog below: This is the second of two posts on ML Re-scoring at Abnormal. If you haven’t read Part 1 yet, you may want


How you Should Design ML Engineering Projects

Analysis of ML engineering lifecycles, common pitfalls, and a copy-and-paste template you can use. Founding engineer and Head of ML at Abnormal Security, Jeshua Bratman, wrote an article for Towards Data Science.


Re-Scoring an ML Detection Engine on Past Attacks (part 1)

Check out Abnormal’s Head of Machine Learning Jeshua Bratman’s latest Medium blog. Read the full blog below: Developing a machine learning product for cybersecurity comes with unique challenges. For a bit of background,


A Story of Debugging an Unexpectedly Slow SQL Query Powering our Dashboards

Abnormal Security’s James Yeh wrote this Medium post. Read the full story below. Background: Abnormal has a data-driven culture that permeates the entire organization, from the engineering team to product, sales,


Graph of Models and Features

At the core of all Abnormal’s detection products sits a sophisticated web of prediction models. For any of these models to function we need deep and thoughtfully engineered features, careful modeling of


Scaling in a High-Growth Environment

At Abnormal, the problems we are trying to solve are not that much different than those being tackled by other organizations, including non-startups. What is unique to startups are the additional constraints


Stopping New Email Attacks with Data Augmentation and Rapidly-Training Models

Authors: Lei Xu and Jeshua Bratman

On October 21st 2020, just two weeks before the US general election, many voters in Florida received threatening emails purportedly from the “Proud Boys”. See this Washington Post article on the


Intelligent Signatures using Embeddings and K-Nearest-Neighbors

Authors: Vineet Edupuganti and Jeshua Bratman

At Abnormal Security, one of our key objectives is to build a detection engine that can continuously adapt to a changing attack landscape. As such, we want to ensure


Combining ML Models to Detect Email Attacks

This article is a follow-up to one I wrote a year ago — Lessons from building AI to Stop Cyberattacks — in which I discussed the overall problem of detecting social engineering attacks using
