Enhanced Explainability of Account Takeovers - Abnormal Security

Enhanced Explainability of Account Takeovers

To detect account takeovers, Abnormal Security’s machine learning algorithms utilize many factors related to location, devices, and applications. Until now, however, much of that information was not exposed to users.

We have made significant improvements to the explainability of account takeover cases. We added more information to the sign-in cards (e.g. ISP and device trust type). We also highlight why sign-ins are suspicious. In the example below, the IP address was very rare for the user and the company, and it is also a proxy, which attackers frequently use to hide their identities.

Additionally, we are surfacing our deep knowledge of sign-in characteristics. Users can now see what are common states that a user signs in from, and what operating systems they use, for example. This information can be helpful in terms of judging a case.

Abnormal Security excels in its accuracy in detecting account takeover attacks. Just as importantly, we are on the cutting edge of machine learning explainability so that users can understand why we think an account takeover has occurred.

Related content