Attackers are constantly finding new ways to use email to infiltrate corporate networks and defraud employees. Security analysts are tasked with monitoring an organization's email traffic and implementing the right offense strategies to protect against these attacks. But understanding and analyzing the hundreds of emails or texts an organization sees a day is a cumbersome task that consumes hours of time.
To help, Abnormal Security offers Threat Log, a record of every malicious email flagged by our AI-based detection engine. Each attack description in Threat Log provides an in-depth analysis of the message and the signals that were used to determine that the message is dangerous. The AI-based algorithm understands when there are enough indicators to flag the email. Each attack description explains the anomalies related to identity, behavior, and content. Modern BEC attacks often bypass legacy SEG solutions because they do not contain traditional indicators of compromise.
Abnormal's unique approach uses natural language processing (NLP) to interpret the content of each email, extracting signals related to tone and request type to determine the risk level of the message. Attackers often use either email spoofing or compromised accounts to conduct their attacks.
In response, Abnormal constantly analyzes signing signals, email patterns, communication habits, and thousands of additional data points to build a genome of the end user. Abnormal builds a relationship map of normal communication patterns, and anything that deviates from that known behavior helps inform the risk score of the message.
Threat Log shows a detailed report of each email that is analyzed by Abnormal, increasing your understanding and giving you visibility into how each attack was carried out. It saves countless hours of laborious manual analysis that otherwise would be carried out by you or your team, while helping you identify key banners that are shown as part of your security awareness training.