Abnormal Security provides a SOC platform for email on top of Microsoft & Google APIs to automate common tasks and improve the effectiveness of security operations. Automate security operations to more quickly and effectively triage, investigate and respond to attacks.
Datasheet
SOC Platform
Contents
Click to go to that section.
Description
Features
Abuse Mailbox Integration
Monitors your abuse mailbox for end-user reported emails and filters out non-malicious emails.
Triage End-User Reported Emails
Filters non-malicious emails from abuse mailbox, saving time and allowing your security team to address critical attacks instead of manually reviewing messages.
Automated Campaign-Based Remediation
Automatically identify similar malicious messages, allowing entire campaigns to be removed across all users based on a single message being reported.
Security Workflow Integration
Integration with your existing security stack allows for email response to be triggered based on email detection tools, SIEM alerts, or SOAR playbooks.
Flexible Remediation
Email campaign can be automatically remediated to Recoverable Item Folder. Recoverable Items Folder is not directly visible in end users’ Outlook client and therefore can further prevent end-users from potentially opening malicious emails post remediation. Contact your Account Manager if you would like this feature enabled.
Search and Destroy
In the Search & Destroy tool, you can search using email information such as sender, recipient, email subject, message ID, as well as source IP. Search & Destroy will surface email results that match the search criteria across the entire email environment for the past 30 days. Email that is deemed safe by Abnormal will not reveal detailed information beyond subject, recipient, sender, and timestamp.
