5 Reasons Our Customers Love Abnormal Security

Our customers mean the world to us, which is why every decision we make starts with determining what will yield the greatest benefits for them. “Customer obsession” is written into our company DNA, and we have a proven track record of driving customer impact.

With today being Valentine’s Day, it only seemed appropriate to take some time and celebrate a few of the reasons Abnormal customers chose to partner with us and why they trust our email security solution to protect their cloud email.

“We were ready to turn it on the next day. Abnormal provided a simple setup and ease of use that was a huge value to our operations staff because we don’t have time for a week of training for a new email security solution.”
—Eric Bowerman, CISO, Elara Caring

Traditional email security solutions come with a complex, time-consuming setup process that disrupts mail flow. Emails must be rerouted, MX records modified, and firewalls reconfigured. Further, legacy email security tools require complicated policies and rules to avoid false positives and false negatives. And filtering emails through external gateways means you’re at risk of a service outage.

But Abnormal’s cloud-native, API architecture enables customers to get started in minutes. The platform connects directly with Microsoft 365 or Google Workspace via one-click API integration—no custom policies or configurations required. Plus, there’s no impact on mail flow and no need to change MX records.

“Abnormal is seeing attacks that are mutating and that are more targeted or crafted, where other security solutions are only able to see something if it’s been detected elsewhere first. The entire platform is proactive, and it has really opened my eyes to what was actually reaching our user inboxes.”
—Security Engineer, Fortune 500 Global Financial Services Organization

Conventional email security measures focus on known-bad indicators of compromise—such as untrusted domains, suspicious links, and malicious attachments—which means they can’t prevent text-based and payloadless attacks.

Abnormal, on the other hand, combines natural language processing (NLP) and natural language understanding (NLU) of inbound email content with tens of thousands of signals about user identity and behavior to profile known-good behavior and detect anomalies that deviate from the baseline. Rather than forcing security teams into a reactive posture, the solution helps teams adopt a proactive approach against evolving threats with a solution that is constantly learning and adapting.

“Before Abnormal, we got five or six phishing tickets a day. With Abnormal, I’ve only seen one, and it had already gone [into] quarantine. Abnormal is just what we needed—a full-service tool that automatically does what we were doing manually before.”
—Mark Baldus, IT Infrastructure and Operations Manager, Dudek

Traditional approaches to managing user-reported emails are highly manual and provide limited context. As a result, IT teams and security analysts waste time writing transport rules to block malicious attacks and researching why legitimate emails were blocked—leaving little time to address higher-impact attacks.

Abnormal’s Abuse Mailbox Automation add-on automatically triages and remediates user-reported emails and marks them as malicious, spam, or safe. If an email is malicious, Abuse Mailbox intelligently locates and removes other unreported emails within the same campaign. Finally, it closes the communication loop by automatically sending a follow-up email to inform reporters of the submission outcome and remediation action.

“I really like the account compromise feature that autodetects threats and locks users out of those mailboxes. That was the real cherry on top for me because it gives me peace of mind that not only is Abnormal blocking all the attacks, but also that if one actually succeeded, Abnormal auto-remediates that mailbox.”
—Jim Robinson, CIO, SuperConcepts

Legacy email security solutions cannot effectively detect account takeovers because they lack visibility into identity, behavior, and device attributes that indicate a user’s account has been hijacked. Abnormal’s Email Account Takeover Protection module detects compromised email accounts by observing end-user behavior for any activity that deviates from their known normal, such as different login patterns or MFA methods, mail rule changes, changes in email content and tone, unusual email recipients, and more.

If an account has been compromised, Abnormal automatically blocks account access, triggers a password reset, and signs out of all active sessions. It also immediately remediates lateral emails sent from the account, so other employees cannot see or engage with them.

"I receive hundreds of promotional emails. If I were to go through them all, it would probably take up to 30% of my time each day. The Email Productivity module allows our users to focus on more important business projects to meet our goals.”
—Tas Jalali, Head of Cybersecurity, AC Transit

Employees spend hours every week deleting and sorting spam and excessive promotional mail (also known as graymail). Abnormal applies the same advanced behavioral AI, NLP, and NLU that enables our platform to detect and remediate the most sophisticated email attacks to the challenge of time-wasting email.

Our adaptive graymail control automatically adjusts individual users’ protection based on identity, content, and user behavior. Abnormal’s Email Productivity add-on maintains a native experience—eliminating the need for end-user quarantines or digest summaries. It also utilizes an API-based approach to surface unique productivity insights on user engagement, open rates, folder movements, and the productivity and time impact of limiting graymail on the business.

Along with an unwavering commitment to helping our customers stay one step ahead of attackers, Abnormal will always be dedicated to providing the best user experience and support experience.

We truly appreciate our customers taking the time to offer their feedback, and we’d love to show you how partnering with Abnormal can help your organization achieve comprehensive protection against email attacks while also simplifying your email architecture and streamlining SOC operations.

See for yourself why organizations across the globe love Abnormal security. Schedule a demo today.