Abnormal Security’s current false positive rate is approximately 1:1Million messages, meaning less than 1%. Our technology detects anomalies by analyzing thousands of signals comparing individual and sequences of events against behavioral norms to determine level of risk. When our models do make an error in determining level of risk, It is extremely rare to have a business-critical false-positive occur.
Our software leverages a myriad of AI techniques to analyze thousands of signals before making a judgment on the threat level of an email. When a false positive does occur, we see exactly why that email was flagged and provide your team with a detailed report explaining why.
We take both false positives and negatives very seriously, and if these do happen we have a thorough protocol in place to remediate the situation and use this information to tune the system/models to increase efficacy.
When your team has identified a false positive, this can easily be reported through a 1-click process within the Abnormal Security Portal which moves the message back to the recipient’s inbox while notifying our team of the incident. We will investigate the false positive and provide a report detailing why the message was identified as malicious and how we’ll change to prevent similar future false positives.
A false negative can be reported within the portal by either uploading the email or manually inputting the following information:
Below you can see an example of the portal. In the drop-down menu under your name on the top right of the portal, you will see an option to “Report Missed Attack”. Next, you will be asked to provide information on the email, along with the option to upload the message.
Here you can see an example of a remediated false negative report. Once our team reviews the flagged message and investigates why this happened, we will email your team with a report detailing our findings.
This is an example of the process of a report:
After submitting a false positive, there are several actions that will take place:
We’ve incorporated this into the product roadmap, and are building a message routing system. This broader system and controls will allow security teams to:
Schedule a personalized product demo to see:
Schedule a personalized product demo to see:
Abnormal is the email security company that stands for trust.
© 2021 Abnormal Security Corporation.
All rights reserved.