chat
expand_more

Abnormal Releases

Learn about recent enhancements to Abnormal's behavioral AI security platform.
Date Launched
Tags

AI Security Mailbox

Learn More
May 15, 2024
AI Security Mailbox

ThreatIntelBase

Behaviorally-derived threat intelligence
Learn More
May 13, 2024
Platform

RBAC Improvements

Learn More
April 2, 2024
Platform
Posture Management

Google Chronicle Integration

Learn More
April 1, 2024
Platform
API

New Phishing Simulation Auto-Response Category

Learn More
March 5, 2024
Abuse Mailbox Automation

Regex for Search and Respond

Learn More
March 4, 2024
Inbound Email Security

Filter for QR Code Attacks in Threat Log

Learn More
January 24, 2024
Threat Log

Deeper Insights and Confidence Scores in Email Account Takeover Protection Enhance Investigation

Learn More
December 14, 2023
Account Takeover
Visibility
Security Automation

Email Productivity is Now Available for Google Workspace

Learn More
December 11, 2023
Email Productivity

Ingest Abnormal data into CrowdStrike Falcon® Insight XDR

Learn More
November 15, 2023
Platform

Email Account Takeover Protection: Detect the Signs of MFA Bypass in Compromised Accounts

Many recent, high-profile attacks have involved MFA bypass tactics such as session hijacking or MFA Fatigue. Attackers wanting to maintain a foothold in a compromised account will often bypass or manipulate MFA then socially engineer their way into registering a new MFA device. To help detect and combat these tactics, we have added new signals to our Account Takeover Protection solution. Abnormal can now detect suspicious device registration that could indicate an attacker has manipulated the account and may be attempting to establish persistence.
Learn More
October 31, 2023
Account Takeover
Attack Detection

Enhancements to Email Account Takeover Protection Case Explainability

Learn More
October 31, 2023
Account Takeover
Visibility

New Events in Email Security Posture Management to Help Stop Consent Phishing

Learn More
October 31, 2023
Visibility
Posture Management

Detecting Malicious QR Code Attacks

Learn More
October 30, 2023
Detection

Email Productivity: Detection Efficacy and Delegate Management Update

Learn More
August 15, 2023
Email Productivity

New API Endpoints: Dashboard Metrics and Remediation History

Learn More
August 9, 2023
Platform
API

Email Account Takeover Protection Ingestion of Posture Events

Learn More
July 31, 2023
Account Takeover
Posture Management

Email-Like Events Now Analyzed in Email Account Takeover Protection Cases

Learn More
July 31, 2023
Account Takeover

Mail Filter Rules and Additional App Permission Changes in Email Security Posture Management

Learn More
July 31, 2023
Posture Management

Improved Abuse Mailbox Automation Analysis Coverage for Infosec IQ Customers

Learn More
May 30, 2023
Abuse Mailbox Automation

Announcing Email-Like Security for Slack, Zoom, and Microsoft Teams

52% of organizations report experiencing multi-channel attacks that target not only email but move laterally across core collaboration applications. To combat these threats, Abnormal has extended the power of its email security platform to detect suspicious messages, remediate compromised accounts, and surface unusual changes to user privileges across Slack, Zoom, and Microsoft Teams.
Learn More
May 8, 2023
Account Takeover
Threat Log
Platform
Posture Management

Portal Enhancements: Abnormal App Store, Deployment Overview, and Platform Integration

Learn More
May 8, 2023
Platform
Product

Abuse Mailbox Automation Data Now Available in Existing SIEM Integrations

Learn More
May 8, 2023
Abuse Mailbox Automation

PeopleBase and TenantBase Now Available for Google Workspace

PeopleBase and TenantBase are now available for Google Workspace users. Similar to VendorBase, PeopleBase and TenantBase provide visibility into behavior and activities of entities within a cloud email environment. PeopleBase catalogs active users and builds dynamic profiles with behavioral data, as well as activity timelines of recent events. TenantBase provides an inventory of all email tenants within the environment and associated activities within them.
Learn More
March 8, 2023
Platform
Visibility

Introducing Security Posture Management (Generally Available)

Security Posture Management centralizes visibility into the integrated app permissions, user privileges, and security policies that constitute cloud email platforms. IT uses the behavioral profiles built by three of the Abnormal Knowledge Bases - PeopleBase, AppBase, and TenantBase - to monitor for high-impact configuration changes that could open the door for threat actors. Once these changes are identified, teams can drill into contextual insights with a before-and-after view of each change, links to entities involved, relevant documentation, and suggested next steps.
Learn More
March 1, 2023
Posture Management

MFA Bypass Detection in Abnormal Account Takeover Protection

While properly configured multi-factor authentication (MFA) stops the majority of authentication/authorization attacks, simple misconfigurations or user missteps can lead to catastrophe. Attackers are exploiting these gaps to commandeer user accounts.
Learn More
January 19, 2023
Account Takeover

Lateral Burst Detection

A key distinction of Abnormal Security’s detection is its ability to detect lateral east-west traffic, messages that are sent between employees inside of their email platform. Using this ability, Abnormal can now detect bursty patterns of an anomalous number of messages being sent from an account in short periods of time. This signal will be used to help detect attacks coming from internally compromised accounts to others internally and externally.
Learn More
January 13, 2023
Platform
Inbound Email Security
Attack Detection

Aggregate Detection Model Enhancements

Multiple enhancements that detect anomalies in the aggregate have been added to our detection model.
Learn More
December 8, 2022
Platform
Inbound Email Security
Attack Detection

Hijacked Thread Detection

To assist with detecting hijacked thread attacks, Abnormal added text-based attributes that analyze email message body and headers to better identify malicious messages containing unrelated conversations.
Learn More
December 5, 2022
Platform
Inbound Email Security
Attack Detection

Introducing Security Posture Management (Beta)

The Security Posture Management add-on improves the risk posture of cloud email environments by helping security teams understand and take action on configuration gaps, while eliminating the need for manual efforts, spreadsheets, or PowerShell scripts that are typically needed to perform discovery and mitigation.
Learn More
November 29, 2022
Product
Posture Management

New Sender IP Address and URL for Search & Respond

Search & Respond has new filters that make it faster and easier to locate email records.
Learn More
November 28, 2022
Inbound Email Security
Visibility
User Productivity

Detection 360 Filters

Abnormal users can now quickly find submitted detection tickets in Detection 360. The new functionality enables users to filter all D360 cases by...
Learn More
November 20, 2022
Platform
Inbound Email Security
Visibility
D360
Attack Detection

Multi-tenant Management

Customers can onboard and secure their new tenants faster using the new self-service multi-tenant management feature in Abnormal.
Learn More
November 17, 2022
Platform
Security Automation

New SIEM Event Type: Audit Log

Expansion of both Abnormal's SIEM export schema and API functionality to include Abnormal Audit Logs.
Learn More
November 14, 2022
Platform
Security Automation

Introducing Knowledge Bases: AppBase, PeopleBase, TenantBase

To help you and your team gain visibility to potential People, Application, and Tenant attack surface areas in Microsoft 365, we have added three new Knowledge Bases: TenantBase, AppBase, and PeopleBase. Each are available as no-cost Platform capabilities for all Abnormal customers.
Learn More
November 14, 2022
Platform
Visibility

New SIEM Event Fields

Added two new fields into the threats event type in the SIEM export schema to provide more granular detail to SOC teams.
Learn More
November 14, 2022
Platform
Security Automation

Detection 360 Email Notifications

In addition to tracking updates directly in your D360 portal, customers can now receive email notifications when a D360 case is resolved.
Learn More
November 13, 2022
Platform
Inbound Email Security
Visibility
D360
Attack Detection

API Endpoint Enhancement for Abuse Mailbox Automation

Abnormal has added a REST API endpoint to allow developers to programmatically extract more information from Abuse Mailbox Automation.
Learn More
November 9, 2022
Abuse Mailbox
Abuse Mailbox Automation
User Productivity

Abuse Mailbox Automation Now Analyzes and Surface Multi-forwarded Email Threads

Improved extraction logic in Abuse Mailbox Automation to surface multi-forwarded and reply phishing reported messages.
Learn More
October 24, 2022
Visibility
Abuse Mailbox
Productivity

New Search and Respond Fields and Filters

Security analysts can locate specific emails more quickly with a new filter and search fields. Customers who have Email Productivity enabled can filter the search to only show Graymail messages. Additionally, customers can now use two new fields to quickly search by...
Learn More
October 19, 2022
Platform
Visibility
Productivity

Improved Spam Detection

Abnormal has enhanced Inbound Email Security's detection model by leveraging behavioral intelligence that identifies more known-good behaviors to identify anomalies in emails that indicate spam. For example, older domains are less likely than young domains to be carrying out this newer type of spam we are now filtering out of inboxes.
Learn More
October 13, 2022
Platform
Inbound Email Security
Attack Detection

BERT Large Language Model (LLM)

With the addition of the BERT LLM enhancement, Abnormal's detection models can more easily determine if two emails are similar and are part of the same polymorphic email campaign targeting an organization.
Learn More
October 11, 2022
Platform
Inbound Email Security
Attack Detection
Detection

Detection 360 API Endpoint

New API endpoint for customers to fetch a list of Detection 360° reports that they have submitted and view corresponding details for each case, including report summaries, statuses, message analyses, and more.
Learn More
October 6, 2022
Platform
Inbound Email Security
D360
API

Threat Log Attachment Search

Threat log now supports the ability to search for attachment name, MD5, and SHA256.
Learn More
October 3, 2022
Threat Log
Platform
Inbound Email Security
Visibility