A Transformative Year for Abnormal Security: Reflecting on the Milestones, Innovations, and Challenges That Shaped 2024

As 2024 draws to a close, we at Abnormal Security take this opportunity to reflect on a year marked by remarkable AI and security advancements, strategic milestones, and a continued commitment to protecting our customers against the ever-evolving threat landscape.

This year, we saw a surge in the sophistication and volume of cyber threats—particularly targeted credential phishing, context-aware business email compromise, and attacks targeting non-email communication and collaboration platforms.

In fact, our most recent Threat Report notes a 50% year-over-year increase in overall advanced threats, and a 350% increase year-over-year in attacks meant to bypass MFA by way of compromised Dropbox, Sharepoint, or similar file-sharing tools. All while legacy SEG solutions saw a 250% increase in the attacks they missed.

To cover this dangerous gap, we expanded our own solutions, developed groundbreaking new AI features, and earned the trust of an increasingly large customer base. As always, these achievements were driven by your feedback—as our customers are also our key strategic partners—and our relentless focus on innovation and drive to build a generational organization. Here are some of the highlights.

This year marked a major shift in our strategy to address the challenges of securing interconnected cloud ecosystems. While email remains a critical threat vector and key focus for Abnormal, attackers are increasingly targeting other cloud platforms to gain a foothold in enterprise environments. Multiple high-profile attacks this year highlight this trend

To meet these challenges, we expanded our AI-powered protection to the most commonly used SaaS applications and cloud infrastructure platforms such as Salesforce, Workday, Okta, AWS, and over a dozen more—providing a unified approach to managing and securing cloud identities.

By monitoring user activity across these platforms, we can detect signs of compromise—such as unauthorized access or unusual behavioral patterns—and initiate automated or manual remediation to stop threats quickly. This unified approach simplifies security operations, empowers security teams with visibility and control many customers noted they did not previously have, and provides a behavioral AI layer to protect identities in multi-cloud environments.

A cornerstone of our 2024 innovations was the introduction of the AI Security Mailbox (previously Abuse Mailbox Automation). A personal security assistant for end users and a help desk assistant for SOC analysts, this feature represents a significant leap in operational efficiency and showcases the power of AI.

For security teams, the AI Security Mailbox automates the triage of user-reported emails, instantly analyzing threats and providing clear, actionable feedback. For end users, it acts as a conversational guide, explaining why certain emails are suspicious and encouraging good security hygiene and behaviors through continued interaction. By reducing the manual workload on security teams and fostering a culture of security awareness among employees, this tool has quickly become an essential part of our customers’ defense strategies.

As Jeff Deakins, Director of Information Security and Infrastructure at Marmon Holdings, notes: “AI Security Mailbox automates the user-reported email workflow 100%, so we don't spend any time on it. The user reports it, and if it's malicious, Abnormal just removes it from inboxes.”

Jeff goes on to note that “the solution can actually point out what in the email is malicious, which is really the ability to coach and drive security awareness.” The inclusion of a conversational element helps build a culture of security and provides a modicum of just-in-time awareness training—but more on that topic in the future.

Understanding the unique needs of our customers has always been at the heart of our mission. This year, we introduced a new feature: Success Criteria. Accessible through the customer portal, this tool enables organizations to define, measure, and communicate the value they derive from the Abnormal platform.

By providing an intuitive way to prioritize goals, track outcomes, and offer feedback, Success Criteria fosters a collaborative relationship between our team and our customers. This innovation ensures that our solutions remain aligned with real-world needs and deliver measurable results. As the Security team can often be considered the “department of ‘no,’” being able to measure Abnormal against security and business goals is a critical step in helping prove that security is, in fact, the department of innovation that secures transformation rather than hinders it.

Building on our commitment to visibility and contextual intelligence, we launched ThreatIntelBase in 2024 to complement our existing Knowledge Bases. This new repository consolidates threat intelligence from diverse sources inside and outside of Abnormal, providing a unified view of the threat landscape. In its current emergent state, ThreatIntelBase is a federated database cataloging malicious IP addresses detected across customer environments, but the ultimate goal of ThreatIntelBase is to empower security teams with diverse signals and insights to help anticipate and neutralize threats.

Even with all of these new innovations and expansion of our portfolio, our core is still Inbound Email Security. Attackers are constantly evolving their tactics to bypass traditional defenses, and we must remain a consistent first line of defense. This year, we introduced a variety of key detection enhancements to address increasingly sophisticated threats. Some of the most salient include:

• Enhanced Image-Based Threat Detection: Our advanced AI models now analyze images alongside email context, detecting malicious visuals like fake invoices or spoofed brand content. This prevents attacks that rely on images to evade text-based detection.

• Improved Impersonation Detection: We strengthened our defenses against display name impersonation, VIP fraud, and brand spoofing, identifying tactics such as sender name obfuscation and legitimate domain mimicry.

• Obfuscated Payload Protection: New models detect attacks leveraging hidden text, appended conversations, and malicious PDFs, effectively blocking phishing schemes and credential theft attempts.

• Proactive Campaign Analysis with LLMs: Using large language models, we grouped phishing campaigns by identifying shared tactics, enabling us to more efficiently block entire campaigns all at once based on their patterns.

With continuous AI enhancements and proactive threat analysis, Abnormal Security stays ahead of attackers, providing unparalleled protection against evolving email threats.

The year 2024 marked significant milestones for Abnormal Security, showcasing our growth, innovation, and impact on the cybersecurity industry. In August, we completed a $250 million Series D funding round, raising our valuation to $5.1 billion. This funding fuels our commitment to innovation, allowing us to accelerate product development and expand our global footprint. And in that same month, we announced that we had eclipsed $200M in revenue, just one year removed from reaching $100M.

This growth did not go unnoticed. We were thrilled to receive several prestigious awards and accolades, reflecting our impact on the cybersecurity industry and beyond. Most notably, we were recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for Email Security. This acknowledgment underscores our dedication to revolutionizing email security with AI-powered solutions that protect organizations from sophisticated threats like phishing and business email compromise.

We were also recognized in key industry publications, including:

• Forbes Cloud 100: Ranked among the top 100 private cloud companies globally.

• CNBC Disruptor 50: Considering a leading disruptor in the AI renaissance.

• SC Awards 2024: Named Best Security Company.

• Fast Company: Recognized as one of the Most Innovative Companies in AI.

These honors validate the hard work of our team and the trust our customers place in us. And with a 99% recommendation rate on Gartner Peer Insights™ and a growing roster of Fortune 500 customers (Abnormal now supports 20% of this prestigious group), our mission to fight cybercrime and make the digital world safer is stronger than ever.

This year, we also made significant strides in not only growing vertically but horizontally as we expanded our reach across industries and the globe. With our FedRAMP "In Process" designation, we can now begin delivering our solutions to select federal agencies, helping to secure critical infrastructure and sensitive government data in a space increasingly affected by cyber warfare.

Additionally, we are privileged to have the opportunity to invest in growing our global footprint at a time when many organizations are tightening their belts. Now nearing 1,000 employees, our presence in the Asia-Pacific region, as well as Europe, the Middle East, and Africa, has grown considerably. By tailoring our solutions to the unique needs of these regions, we’ve solidified our position as a trusted partner in cybersecurity worldwide.

As we close out the year, we remain deeply grateful to our customers, partners, and employees who make our mission possible. Looking ahead to 2025, we are excited to continue pushing the boundaries of what’s possible in cybersecurity. From expanding our AI capabilities to addressing new threat vectors, the future holds immense potential.

Thank you for trusting Abnormal Security to keep your organizations, employees, and data safe—so you and your users can go ahead and be human.