About Security Posture Management

Video Transcript

Gabriel Rebane, Group Technical Marketing Manager

Cloud Email platforms have become the new standard for any organization, but the open nature of Cloud Email makes it easy to onboard third-party applications with access to sensitive information. It increases the likelihood of misconfigurations such as conflicting authentication policies and over-privileged users. Security teams often don't directly manage these platforms or make lack the visibility and tools to properly monitor and secure them. Attacks that exploit these new entry-exit points are called Email Platform Attacks, which are a new attack surface area in cloud email beyond just inbound email attacks. To provide better visibility into potential risks associated with these new entry and exit points, Abnormal is expanding its knowledge bases, which consolidates core insights for people, applications, and cloud email tenants.

With PeopleBase, security teams have a searchable database of every identity in their environment that summarizes behavior and identity patterns, providing a timeline of posture events for each individual. AppBase builds an inventory of all third-party applications that integrate directly into your Microsoft 365 environment and surfaces a collection of attributes like access level, permissions, and risk analysis with key posture events providing an in-depth understanding of each individual application. And look at this, an employee just delegated, read and write permissions to both calendar and email for this application across the tenant.

I'll follow up with this user later to understand the requirements behind this. Similar to PeopleBase and AppBase, TenantBase organizes information about the email tenants protected by Abnormal Security, and consolidates monitor events into a single location. Abnormal's New Security Posture Management add-on module proactively improves the posture of Cloud Email environments by helping security teams increase their risk visibility and take actions on configuration gaps. The solution will constantly monitor for configuration drifts that could open up new entry points to your email platform. This is the posture change that I identified in AppBase, but now with one click, security teams can see the context of the change, make a side-by-side comparison of old versus new, and provide insights on the associated risks.

Security teams are no longer required to manually track each individual posture. A built-in workflow helps analysts track what changes are still pending review and which ones are complete. This simplifies the review process and creates an auto record of all monitor changes. To increase visibility and facilitate the discovery of the current posture state, security teams can quickly verify all configurations, when they were last updated, and see the raw posture data. Abnormal Security Posture Management compliments our inbound email of protection, giving security teams the visibility and context they need to protect against other potential entry and exit points associated with misconfigurations, inadequate legacy certification controls, and permission escalation.

Want to know more? Request your personalized demo today.

Related Resources

B 1500x1500 Security Posture Management Datasheet L2 R1 2x
Discover and mitigate misconfiguration risks across your cloud email environment.
Read More
B Demo Days Air Canada 1500x1500
Discover how Abnormal provides better intelligence on blocked attacks, freeing time for Air Canada analysts to focus on other threats.
Watch Now
B 1500x1500 Threat Log L2 R2 2x
Understanding and analyzing the hundreds of email or texts organization sees a day consumes hours of time. To help, Abnormal Security offers Threat Log, a record of every malicious email flagged by our AI-based detection engine.
Watch Now
B 1500x1500 Email Productivity L1 R2 2x
Abnormal email productivity for Microsoft 365 utilizes advanced behavioral AI and natural language processing models to identify time-wasting graymail messages and automatically send them to a promotions folder.
Watch Now
B 1500x1500 Abuse Mailbox Automation L1 R2 2x
Completely automate your user-reported email workflow and free up analyst time with the Abuse Mailbox Automation add-on to Abnormal Inbound Email Security.
Watch Now
B Demo Days SOC 1500x1500
Discover key platform features and capabilities designed to ease the burden on your security team.
Watch Now
B Demo Days Webinar01
In this on-demand recording of our first “Abnormal Demo Day”, we explore key platform features and capabilities designed to address today’s toughest security challenges.
Watch Now
B 08 08 22 Graymail Datasheet
Improve employee productivity and measure your time savings with adaptive graymail protection.
Read More