Product FAQ: Data Privacy and Compliance - Abnormal Security Product FAQ Data Privacy and Compliance
Product FAQs  Data Privacy and Compliance

Product FAQ: Data Privacy and Compliance

Commonly Asked Questions:

How long are audit and security logs stored and can they be provided upon request?

Audit and security logs are stored by default for a 6 month period and can be provided to the customer upon request.

Does Abnormal Security execute any vulnerability testing including application code scans and penetration tests? If yes, can customers get executive summaries of the results?

Yes.  We conduct internal and external 3rd-party vulnerability testing from IOActive.com that includes application scanning and penetration testing.  Official report findings can be provided upon further request.

How does Abnormal Security comply with geographic data access restrictions imposed by privacy laws?

Abnormal Security complies with the United States’ individual state’s privacy laws and the EU’s GDPR privacy laws.

How does Abnormal Security protect our data privacy / security?

Abnormal Security takes data privacy and security very seriously. Because of our integration via Microsoft’s API, we do not retain any PII (personal identifying information) and all employee data is retained within your M365 environment.

When retrieving this information, we are using the API functionality to display this data within our portal. We are also SOC 2 Type 2 compliant. More details can be found within our Information Security & Privacy policies.

Want to learn more?

Schedule a personalized product demo to see:

  • Threat analytics, insights and reporting
  • Automated Triage, Investigation and response tools
  • Platform integrations into SIEM, SOAR
  • …and more
Automated Triage, Investigation and response tools

Want to learn more?

Schedule a personalized product demo to see:

  • Threat analytics, insights and reporting
  • Automated Triage, Investigation and response tools
  • Platform integrations into SIEM, SOAR
  • …and more