Account Takeover Detection - Abnormal Security

Account Takeover Detection


Automatically uncover, investigate and respond to internal and external email account compromise.


Account Takeover Workflow

Abnormal Cases now has the ability to update Account Takeover case status and add investigation notes. Analysts now can leave additional evidence for each Account Takeover case and properly triage cases that have been acknowledged, closed, or re-opened. These features help streamline your security analysts’ workflow and tackle the Account Takeovers more quickly and with more confidence.

ATO Account Automatic Remediation

Customers can leverage end-to-end workflow from compromised account discovery to account lockdown/password reset, all performed by Abnormal automatically. Customers can benefit from faster, proactive account monitoring and remediation, while experience reduced manual effort and reduced risks of compromised accounts attempting further malicious activities.

Automatic Attack Correlation

Abnormal automatically correlates accounts with similar patterns of suspicious behavior to enable timely and comprehensive remediation of multi-account compromise.

Suspicious MFA Events

Customers with MFA will have additional account compromise detectors based on MFA sign-in failures.

Explainable Insights

ABX will explain and summarize the automated analysis into human readable and understandable insights.

Techniques that Abnormal uses to detect email attacks.