Abnormal Security provides a SOC platform for email on top of Microsoft & Google APIs to automate common tasks and improve the effectiveness of security operations. Automate security operations to more quickly and effectively triage, investigate and respond to attacks.
Monitors your abuse mailbox for end-user reported emails and filters out non-malicious emails.
Filters non-malicious emails from abuse mailbox, saving time and allowing your security team to address critical attacks instead of manually reviewing messages.
Automatically identify similar malicious messages, allowing entire campaigns to be removed across all users based on a single message being reported.
Integration with your existing security stack allows for email response to be triggered based on email detection tools, SIEM alerts, or SOAR playbooks.
Email campaign can be automatically remediated to Recoverable Item Folder. Recoverable Items Folder is not directly visible in end users’ Outlook client and therefore can further prevent end-users from potentially opening malicious emails post remediation. Contact your Account Manager if you would like this feature enabled.
In the Search & Destroy tool, you can search using email information such as sender, recipient, email subject, message ID, as well as source IP. Search & Destroy will surface email results that match the search criteria across the entire email environment for the past 30 days. Email that is deemed safe by Abnormal will not reveal detailed information beyond subject, recipient, sender, and timestamp.
