Abnormal Releases

Learn about recent enhancements to Abnormal's behavioral AI security platform.
Date Launched
Tags

PeopleBase and TenantBase Now Available for Google Workspace

PeopleBase and TenantBase are now available for Google Workspace users. Similar to VendorBase, PeopleBase and TenantBase provide visibility into behavior and activities of entities within a cloud email environment. PeopleBase catalogs active users and builds dynamic profiles with behavioral data, as well as activity timelines of recent events. TenantBase provides an inventory of all email tenants within the environment and associated activities within them.
Learn More
March 8, 2023
Platform
Visibility

Introducing Security Posture Management (Generally Available)

Security Posture Management centralizes visibility into the integrated app permissions, user privileges, and security policies that constitute cloud email platforms. IT uses the behavioral profiles built by three of the Abnormal Knowledge Bases - PeopleBase, AppBase, and TenantBase - to monitor for high-impact configuration changes that could open the door for threat actors. Once these changes are identified, teams can drill into contextual insights with a before-and-after view of each change, links to entities involved, relevant documentation, and suggested next steps.
Learn More
March 1, 2023
Posture Management

MFA Bypass Detection in Abnormal Account Takeover Protection

While properly configured multi-factor authentication (MFA) stops the majority of authentication/authorization attacks, simple misconfigurations or user missteps can lead to catastrophe. Attackers are exploiting these gaps to commandeer user accounts.
Learn More
January 19, 2023
Account Takeover

Lateral Burst Detection

A key distinction of Abnormal Security’s detection is its ability to detect lateral east-west traffic, messages that are sent between employees inside of their email platform. Using this ability, Abnormal can now detect bursty patterns of an anomalous number of messages being sent from an account in short periods of time. This signal will be used to help detect attacks coming from internally compromised accounts to others internally and externally.
Learn More
January 13, 2023
Platform
Inbound Email Security
Attack Detection

Aggregate Detection Model Enhancements

Multiple enhancements that detect anomalies in the aggregate have been added to our detection model.
Learn More
December 8, 2022
Platform
Inbound Email Security
Attack Detection

Hijacked Thread Detection

To assist with detecting hijacked thread attacks, Abnormal added text-based attributes that analyze email message body and headers to better identify malicious messages containing unrelated conversations.
Learn More
December 5, 2022
Platform
Inbound Email Security
Attack Detection

Introducing Security Posture Management (Beta)

The Security Posture Management add-on improves the risk posture of cloud email environments by helping security teams understand and take action on configuration gaps, while eliminating the need for manual efforts, spreadsheets, or PowerShell scripts that are typically needed to perform discovery and mitigation.
Learn More
November 29, 2022
Product
Posture Management

New Sender IP Address and URL for Search & Respond

Search & Respond has new filters that make it faster and easier to locate email records.
Learn More
November 28, 2022
Inbound Email Security
Visibility
User Productivity

Detection 360 Filters

Abnormal users can now quickly find submitted detection tickets in Detection 360. The new functionality enables users to filter all D360 cases by...
Learn More
November 20, 2022
Platform
Inbound Email Security
Visibility
D360
Attack Detection

Multi-tenant Management

Customers can onboard and secure their new tenants faster using the new self-service multi-tenant management feature in Abnormal.
Learn More
November 17, 2022
Platform
Security Automation

New SIEM Event Type: Audit Log

Expansion of both Abnormal's SIEM export schema and API functionality to include Abnormal Audit Logs.
Learn More
November 14, 2022
Platform
Security Automation

Introducing Knowledge Bases: AppBase, PeopleBase, TenantBase

To help you and your team gain visibility to potential People, Application, and Tenant attack surface areas in Microsoft 365, we have added three new Knowledge Bases: TenantBase, AppBase, and PeopleBase. Each are available as no-cost Platform capabilities for all Abnormal customers.
Learn More
November 14, 2022
Platform
Visibility

New SIEM Event Fields

Added two new fields into the threats event type in the SIEM export schema to provide more granular detail to SOC teams.
Learn More
November 14, 2022
Platform
Security Automation

Detection 360 Email Notifications

In addition to tracking updates directly in your D360 portal, customers can now receive email notifications when a D360 case is resolved.
Learn More
November 13, 2022
Platform
Inbound Email Security
Visibility
D360
Attack Detection

API Endpoint Enhancement for Abuse Mailbox Automation

Abnormal has added a REST API endpoint to allow developers to programmatically extract more information from Abuse Mailbox Automation.
Learn More
November 9, 2022
Abuse Mailbox
Abuse Mailbox Automation
User Productivity

Abuse Mailbox Automation Now Analyzes and Surface Multi-forwarded Email Threads

Improved extraction logic in Abuse Mailbox Automation to surface multi-forwarded and reply phishing reported messages.
Learn More
October 24, 2022
Visibility
Abuse Mailbox
Productivity

New Search and Respond Fields and Filters

Security analysts can locate specific emails more quickly with a new filter and search fields. Customers who have Email Productivity enabled can filter the search to only show Graymail messages. Additionally, customers can now use two new fields to quickly search by...
Learn More
October 19, 2022
Platform
Visibility
Productivity

Improved Spam Detection

Abnormal has enhanced Inbound Email Security's detection model by leveraging behavioral intelligence that identifies more known-good behaviors to identify anomalies in emails that indicate spam. For example, older domains are less likely than young domains to be carrying out this newer type of spam we are now filtering out of inboxes.
Learn More
October 13, 2022
Platform
Inbound Email Security
Attack Detection

BERT Large Language Model (LLM)

With the addition of the BERT LLM enhancement, Abnormal's detection models can more easily determine if two emails are similar and are part of the same polymorphic email campaign targeting an organization.
Learn More
October 11, 2022
Platform
Inbound Email Security
Attack Detection
Detection

Detection 360 API Endpoint

New API endpoint for customers to fetch a list of Detection 360° reports that they have submitted and view corresponding details for each case, including report summaries, statuses, message analyses, and more.
Learn More
October 6, 2022
Platform
Inbound Email Security
D360
API

Threat Log Attachment Search

Threat log now supports the ability to search for attachment name, MD5, and SHA256.
Learn More
October 3, 2022
Threat Log
Platform
Inbound Email Security
Visibility