Abnormal Security provides a SOC platform for email on top of Microsoft & Google APIs to automate common tasks and correlate events to identify and surface incidents to security operations teams.
Datasheet
Incident Response Automation
Contents
Click to go to that section.
Comprehensive Incident Response Automation
Features
Respond to Compromised Accounts
Account compromise detection capabilities gives SecOps valuable time to initiate Office 365 password resets, trigger SSO password reset, revoke active sign-in sessions, disable and enable accounts and create service tickets.
Abuse Mailbox (Employee Reported Attacks)
Manage and analyze suspicious emails reported by employees into a central repository and take action on the emails by remediating them or moving them to a folder.
Bulk Remediation Across Tenant
Based on a single malicious email, automatically uncover similar malicious emails and bulk remediate them across all users email boxes in a single click.
Security Workflow Integrations
Seamless API-Integration with your existing security stack allows for email response to be triggered based on email detection tools, SIEM alerts, or SOAR playbooks. Learn more
Search and Respond
In the Search & Respond tool, you can search using email information such as sender, recipient, email subject, message ID, as well as source IP. Search & Respond will surface email results that match the search criteria across the entire email environment for the past 30 days. Email that is deemed safe by Abnormal will not reveal detailed information beyond subject, recipient, sender, and timestamp.
VIP Notifications
Abnormal provides the ability to send SOC team email notifications when an email attack campaign involves VIP recipients. Benefit from added visibility and control with proactive alerting for high-risk individuals.
Abnormal is the email security company that stands for trust.
© 2020 Abnormal Security Corporation.
All rights reserved.