INBOUND EMAIL THUMBNAIL trim v2

Inbound Email Protection

Provides comprehensive email security to precisely block the full spectrum of email attacks—phishing, malware, ransomware, fraud, social engineering, impersonation, spam, and graymail—using behavior AI.

Fully automates email security operations and dramatically simplifies reporting. Deploy in minutes at any scale. No configuration or policies required.

Highest-Precision Protection Against All Email Attacks

Complete Email Attack Protection

Uses behavioral AI to detect attacks that evade cloud email security and SEGs

Streamline Security Operations

Deploys with one click, and is proven to simplify your email security architecture

Improve Employee Experience

No more spam and quarantine digests; keep end users in their mailboxes

Stop Attacks That Evade Secure Email Gateways

Continuously analyzes email, Active Directory, and security logs via cloud APIs to baseline good behavior and precisely block all email attacks and unwanted email.
PRODUCT INBOUND 0930 01 2x

Profiles Good Behavior

By integrating with Microsoft Office 365 and Google Workspace, Abnormal continuously learns about the digital identity of every employee in your organization.

  • Which department do they belong to? What title and level do they hold?
  • Which employees are subject to greater risk?
  • When do they typically log in, from where, and using which devices?
  • With whom, why, and how often do they communicate with each other?
  • What content do they typically share? What is their tone over email?

These signals enhance our detection capabilities without any need for custom policies.

PRODUCT INBOUND 0930 02 2x

Precisely Detects and Remediates All Anomalies

Unlike secure email gateways, Abnormal scans every email, including internal messages. Using known good behavior baselines, every email is precisely scrutinized for anomalies.

  • Do they communicate this frequently?
  • Are the tone and the content shared typical?
  • Does the account appear compromised?

This behavioral-based analysis precisely strikes down all threats within milliseconds, including never-before-seen socially-engineered email attacks.

B 04 Profiles All Vendors Potential Threats 2x 2

Profiles All Your Vendors For Potential Threats

Your organization’s security posture is only as strong as the security posture of your vendors.

Soon after you integrate with Abnormal, VendorBase reviews all your emails to extract your vendor relationships. It then continuously monitors your vendors for security risks observed across the entire enterprise ecosystem and automatically identifies when a vendor has been compromised.

Defense In Depth v6

Replace Your Secure Email Gateway

Simplify your email security stack by eliminating the redundant secure email gateway layer, and re-enabling and enhancing cloud gateway capabilities built into Microsoft and Google.

Unify your entire inbound email security defenses, from email hygiene to zero-day advanced attacks.

Improve Employee Productivity and Experience

Eliminates spam and quarantine digests and portals.
PRODUCT INBOUND 0930 04 2x

Personalized End-User Email Experience

Abnormal learns end-user preferences by observing how they move messages between folders, allowing it to automatically create and manage individualized safe and block lists, as well as deliver spam and graymail to junk and promotional folders respectively.

End users no longer have to rely on spam and quarantine digests to salvage missed messages.

PRODUCT INBOUND 0930 05 2x

Smart URL Rewriting

Not all emails are malicious. So why rewrite every single URL within them?

Abnormal judges every email to determine its risk profile, and only rewrites URLs within those emails that look like borderline attacks.

B 07 Contextual Banner 2x

Contextual Banners That Help End Users

Abnormal precisely assesses every email for potential threat and the type of threat, and if deliverable, automatically provides relevant information using banners.

End users, as a result, are better equipped to ensure that they do not fall victim to attack.

Streamline Security Operations

Deploy with one-click via an API integration.
B 08 Natively Integrates 2x

Natively Integrates With Microsoft and Google

Integrate within minutes via API, without any disruption to mail flow. No changes to your email configuration or MX records are required.

Plus, there is no need to configure Abnormal or to set custom policies. It learns from Active Directory, other directory services, existing emails, and more to baseline good behavior and stop all attacks within hours.

B 09 Integrated Visibility Dashboard NEW

Integrated Visibility and Control

With a single pane of glass, analysts no longer need to toggle between your native cloud email security dashboard and other email security solution dashboards.

With deep integration, you get unified visibility and control across Microsoft Office 365, Google Workspace, and Abnormal, greatly simplifying investigation, remediation, follow-up, and reporting.

B 10 Cusotmizable Remediation Options 2x

Customizable Remediation Options

To comply with regulations or critical business needs, admins can:

  • Ensure delivery for certain groups, with contextual banners when necessary

  • Defend highly-targeted groups differently

  • Increase end user access to emails, via the junk folder, or by using banners, enabling them to inform Abnormal of their preferences

With Abnormal, you can fully automate remediation while addressing the unique needs of various groups within your organization.

Fully Automate Your SOC Workflows

Integrate with SIEM, SOAR, ITSM, and IAM solutions to enrich security insights and orchestrate workflows.

SIEM

Augment your SIEM with metadata and risk scores for better attack correlation.

SOAR

Trigger playbooks when users engage with bad email or compromised accounts.

ITSM

Create tickets for compromised accounts or when users engage with bad emails.

Secure Email Gateways

Trigger automated post-delivery protection when gateways send alerts on missed attacks.

Phishing Training

Allow emails for training to pass inspections, and present reports on user engagement.

Identity Access Management

Log in to Abnormal via SSO, and to provide data to better detect account takeover attempts.

REST API

Our bi-directional architecture helps you set up your own custom integrations quickly and simply.

Trusted by Global Enterprises

HOMEPAGE DEMO 630 X480

See an Abnormal Product Demo

Related Resources

Data sheet 1
Protect your end users from the full spectrum of targeted email threats: phishing, ransomware, fraud, social engineering, supply chain attacks, executive impersonation, spam, and graymail. Integrate with Microsoft 365 and Google Workspace via a one-click API without disrupting mail flow. No MX record changes, configuration, or custom policies are needed.
Read More
Whitepaper cover 1
Business email compromise (BEC) is the most significant cybersecurity threat to enterprise organizations, with $1.8 billion lost in 2020 alone. This type of email attack occurs when a cybercriminal uses social engineering to impersonate a trusted contact—typically an executive, coworker, vendor, or partner.
Read More
Ices announcement cover
Abnormal ICES offers all-in-one email security, delivering a precise approach to combat the full spectrum of email-borne threats. Powered by behavioral AI technology and deeply integrated with Microsoft 365...
Read More
Blog door arches
When Abnormal Security was founded, our engineering and data science teams were focused on solving the toughest—and most expensive—email security problem for enterprises: business email compromise, or BEC. Fast-forward to today and Abnormal serves some of the largest enterprises...
Read More
Video 2
Socially engineered email attacks are the #1 security threat facing companies today, accounting for more than 44% of all cybercrime losses. To stop these types of sophisticated email attacks, you need a fundamentally new approach to email security.
Read More
Blog basic office building
Compromised accounts are commonly used by cybercriminals to send additional attacks because they appear to originate from a trustworthy source—typically a known partner or customer, or a known coworker within the organization. In this attack, the account was first...
Read More