Enhanced Explainability of Account Takeovers
To detect account takeovers, Abnormal Security’s machine learning algorithms utilize many factors related to location, devices, and applications. However, until now, much of that information was not exposed to users. In an effort to be as customer-centric as possible, we're changing that starting today.
We have made significant improvements to the explainability of account takeover cases. Within the product, we added more information to the sign-in cards, including ISP and device trust type. We also highlight why sign-ins are suspicious to provide further information to those reviewing potential account compromises. In the example below, the IP address was very rare for the user and the company, and it is also a proxy, which attackers frequently use to hide their identities.
Additionally, we are surfacing our deep knowledge of sign-in characteristics. For example, analysts can now see the common states from which the user signs in, and what operating systems they typically use. This information can be extremely helpful in terms of judging a case.
Abnormal Security excels in its accuracy in detecting account takeover attacks. Just as importantly, we are on the cutting edge of machine learning explainability so that users can understand why we think an account takeover has occurred.
To learn more about our account takeover functionality, request a demo today.
See the Abnormal Solution to the Email Security Problem
Protect your organization from the full spectrum of email attacks with Abnormal.