SOC Automation
Supercharge your SOC workflows and save time with AI-assisted investigation, auto-remediation, follow-up, and reporting.
Automates Security Processes to Help You Take Action Faster
Improve Response Times
Automated triage helps you address user-reported incidents with greater accuracy and speed.
Keep Users and Data Secure
Remove misdirected messages, and improve detection efficacy to protect users and their data.
Streamline and Automate
No administration, configuration, or policies are needed; integrate into your SOC processes.
Automate Triage and Remediation of User-Reported Phishing Attacks
See All User-Reported Attacks in One Place
Abuse Mailbox organizes all user-reported emails, including their original messages and headers, across all Microsoft 365 and Google Workspace tenants into a single view.
Quickly view quantitative highlights of submissions broken down by malicious, safe, and spam messages, as well as remediated campaigns and messages.
Automatically Triages User-Reported Email Attacks
Abuse Mailbox automatically investigates submissions, and if found malicious, gathers other emails within the phishing campaign, removes them, and reports back to the submitter.
These missed attacks help improve detection, ensuring that similar attacks are blocked in the future.
With typically 90% of submissions known to be safe emails, this automation saves security teams many hours each week.
Intelligent and Thorough Remediation
Since Abnormal natively integrates with your cloud email service, it scans every email as it is sent, replied to, or forwarded within your email environment.
When an email is found malicious, Abuse Mailbox intelligently gathers all similar and related messages, their headers, and engagements. It then remediates the entire campaign, and follows up with end users appropriately.
Powerful Search Built For Rapid Response
Rapidly Contain Misdirected Email
Removing emails and their engagements is necessary when sensitive data is misdirected, or if an attack is missed.
Search for specific emails by sender, recipient, or subject, filter within certain time frames, and remediate them in bulk.
Every search activity is recorded for any audit requirements.
Report Missed Attacks on Detection 360° and Abnormal Resolves Them Quickly
Track How Abnormal Gets Better Every Day
When you submit missed attacks or false positives, a dedicated team of experts investigates them to fix the incident, improve detection efficacy, and provide you with a summary of steps taken.
Track all of these engagements and their progress from within the Detection 360° tab in the product.
Fully Automate Your SOC Workflows
SIEM
Augment your SIEM with metadata and risk scores for better attack correlation.
SOAR
Trigger playbooks when users engage with bad email or compromised accounts.
ITSM
Create tickets for compromised accounts or when users engage with bad emails.
Secure Email Gateways
Trigger automated post-delivery protection when gateways send alerts on missed attacks.
Phishing Training
Allow emails for training to pass inspections, and present reports on user engagement.
Identity Access Management
Log in to Abnormal via SSO, and to provide data to better detect account takeover attempts.
