Introducing AI Security Mailbox: Your New AI Coworker for Email Security Operations

AI Security Mailbox provides a transformative new way to enhance security operations and engage employees.
May 7, 2024

Managing user-reported phishing emails significantly drains the resources of security teams. Manual triage, remediation, and response are not only time-consuming but often lead to a poor user experience and missed opportunities for personalized security coaching for employees. This is where our new product, the AI Security Mailbox, a transformational AI upgrade to our former Abuse Mailbox Automation product, steps in and changes the game.

AI Security Mailbox has two distinct but related capabilities:

  • An AI Security Analyst to deliver a personalized, engaging, and delightful experience for every employee.

  • An AI security help desk coworker to alleviate the operational burden of SOC teams.

Let’s take a deeper look at both of these capabilities and how they address security challenges.

Challenge #1: Improving Security Awareness

Influencing security awareness in a meaningful way is difficult for security teams, especially given the following specific challenges:

  • Poor employee experience with reported phishing emails. Following the report of a suspected phishing email, employees receive either no response or a very limited one. This lack of acknowledgment can demotivate employees from reporting phishing emails, as they may feel their submissions are disregarded or overlooked.

  • Generic security awareness training. Current tools prevent security teams from delivering customized and targeted security coaching for every employee, resulting in disengagement and apathy toward security awareness.

  • Missed opportunities. Security teams lack resources, so they miss opportunities to engage with employees, build their brand, and make employees' interactions with security more delightful.

Abnormal’s Abuse Mailbox Automation product today allows security teams to respond to employees about their reported emails through automated templates. While the auto-responding capability is valuable to our customers and enables them to close the feedback loop, it misses an opportunity to provide personalized coaching to that employee and respond to any questions they have about the email or other security topics. Responses to employees typically look like this:


Solution: Personal AI Security Analyst for Every Employee

AI Security Mailbox transforms the templated response by utilizing the AI Security Analyst to reply with a much more detailed and insightful response. You can see an example response from the AI Security Analyst in the below image. In this response, the AI Security Analyst not only shares the classification of the reported email, but also provides additional context to educate the reporter—such as information about the sender, the domain, email authentication signatures, and more. All of this content is shared in an empathetic and affirming manner to encourage future reporting habits.


But what if employees have a follow-up question about the reported email or another security topic? Now, AI Security Analyst allows them to ask those questions and receive a prompt response. Let’s say that the employee in the previous example had a question about email security signatures. Now they can conversationally ask the question by simply replying to the email.


The AI Security Analyst instantly replies with a response that explains the employee's question in more detail.


Security teams can deploy this functionality within their organization in minutes. The security analyst comes pre-trained with the best practices of an enterprise security analyst but also allows easy customization to your organization. Deployment takes just three quick steps.

Step 1: Configure Your AI Security Analyst. In this step, you name your analyst and provide it with custom instructions. Custom instructions can include security context such as password mandates, security awareness training standards, IDP systems, and more, so that the analyst can ingest and uniquely understand customer security processes. You can also specify the tone the analyst should use in responses to employees.


Step 2: Chat with your AI Security Analyst. In this step, you can see how your AI security analyst performs based on the custom instructions provided. Ask questions to see how the AI security analyst uses your custom instructions in its responses.


Step 3: Deploy! Specify the email subject line for responses and you are ready to roll!

Benefits of AI Security Analyst

  • Personalized Security Education: Every employee gets the chance to learn about security practices relevant to their experiences and reports.

  • Enhanced Employee Engagement: Users interact with AI that not only helps but also delights, making security awareness more engaging.

  • Elevated Security Brand: Present your security team as innovative and responsive, leveraging AI to elevate user interactions.

Challenge #2: Inefficient User-Reported Email Workflow

AI Security Mailbox addresses one of the most operationally inefficient processes for security teams, the user-reported phishing email workflow. A typical user-reported email workflow looks something like the image below.


Security teams have to manually triage what feels like an endless queue of reported messages and scour the email environment for malicious emails from the same sender or campaign that were received by other employees. Security teams then have to manually respond to each reporter to let them know the submission outcome. Lastly, and maybe most frustratingly, security teams have no visibility into the effectiveness of this whole process.

Solution: AI Co-Worker for Security Operations

AI Security Mailbox leverages AI to autonomously inspect and judge every reported email and automatically bulk remediate unreported malicious and spam messages in the same campaign. Malicious messages are analyzed by Abnormal’s proprietary AI models that have a behavioral understanding of the organization and people involved. Upon judgment of reported messages, AI Security Mailbox responds to reporters automatically, as detailed above.


If a reported message is deemed malicious, AI Security Mailbox will locate and remove all malicious messages from the same phishing campaign found in other employee inboxes. In the example below, you can see that Sean Young reported a message that was deemed malicious, and AI Security Mailbox automatically remediated this message from 21 employee inboxes.


AI Security Mailbox also provides visibility and reporting into the latest trends of phishing reporting, attack types remediated, and the top phishing reporters. This reporting can be integrated with downstream SIEM and SOAR platforms.


Benefits of AI Co-worker for Security Operations

  • Reclaim Security Resources: Save 5,000 SOC analyst hours every year with 24/7 AI triage and remediation of user-reported phishing emails.

  • Reduce Security Team Fatigue: Reduce manual investigation and response times by 95% by leveraging AI and automation to enhance efficiency, optimize security workflows, and mitigate burnout.

  • Improve Threat Mitigation: Remove associated malicious emails before they can cause harm, minimizing the number of cybersecurity incidents.

The Magic Behind the Product

What truly sets the AI Security Mailbox apart is its use of Abnormal's proprietary AI models, which are designed to understand organizational behavior and make intelligent decisions about email threats. While these models handle the behavioral analysis and decision-making, we utilize OpenAI technologies to generate natural, conversational responses. This combination ensures that our responses are not only accurate but also engaging and informative for the end-user.

Get Started with AI Security Mailbox

AI Security Mailbox provides a transformative new way to enhance security operations and engage employees. AI Security Mailbox will be generally available on July 1. Any existing customer of Abuse Mailbox Automation will automatically receive a free upgrade to AI Security Mailbox at that time.

