The Abnormal platform integrates via API in seconds with Microsoft 365 and its 85+ associated apps, Google Workspace, cloud apps including Slack, Zoom, Workday, Salesforce, cloud infrastructure—AWS, Azure, and Google Cloud Platform—as well as identity providers like Okta and Ping, and other security tools like CrowdStrike and Splunk.
Abnormal Knowledge Bases surface anomalous behavior and activity across your people, applications, tenants, vendors, and threat intelligence. Security analysts use this insight to hunt for threats and investigate potential incidents more quickly.
Abnormal provides the visibility and control security analysts need to investigate and remediate threats, with comprehensive attack insights and the ability to search for and respond to specific messages and campaigns.
Abnormal integrates easily into multiple security operations solutions, including SIEM, SOAR, and EDR/XDR platforms. These API-based integrations allow security teams to leverage Abnormal’s high-efficacy threat detection within existing response workflows.
Microsoft 365 covers a lot of bases. But it doesn't have the speciality Abnormal does to address threats that come from trusted sources like vendors.”
— Kirit Marvania, Digital Operations Director at Mace
Frequently Asked Questions
Abnormal developed focused artificial intelligence for cybersecurity that excels at analyzing vast amounts of data, identifying patterns, and making quick, accurate decisions about human behavior and attack patterns. Abnormal creates a human behavior baseline via its API ingestion of tens of thousands of human-related signals. This baseline is used by predictive AI and large language models (LLMs) to assess risk, stop attacks, and apply remediation. In addition, Abnormal uses engines that combine both system types, detecting attacks using machine learning-based predictive AI with generative AI agents that refine the decisions of the traditional systems. Generative AI agents are also used to refine and augment the training data that powers the predictive AI systems.
Every platform feature, including the Knowledge Bases, is included in any purchase of Inbound Email Security. To learn more about the Abnormal products, visit the Products Overview page.
Yes. By adding Abnormal to your Microsoft 365 or Google Workspace environment, you can replace your SEG functionality and receive superior detection efficacy. Many of our customers use Abnormal and Microsoft in lieu of a SEG. You can learn more about how this works here.
Yes. While Abnormal + native cloud email platforms can be used instead of a SEG, the Abnormal platform can also serve as a supplement to a SEG. In this case, Abnormal provides coverage for advanced and complex attacks missed by the gateway.
Yes. Abnormal can be integrated via API with various security operations solutions, including SOAR, SIEM, and XDR products. You can learn more about our technology integrations here.
Trusted By More Than 17% of the Fortune 500
See it for Yourself
Get AI Protection for Your Human Interactions
See the #1 AI-native platform for human behavior security.
