Integrated Cloud Email Security

Protect your end users from the full spectrum of targeted email threats: phishing, ransomware, fraud, social engineering, supply chain attacks, executive impersonation, spam, and graymail. Detect and remediate compromised accounts. Integrate with Microsoft 365 and Google Workspace via a one-click API without disrupting mail flow. No MX record changes, configuration, or custom policies are needed.

Secure email gateways struggle to block socially-engineered attacks that pass reputation checks, have no links or attachments, and appear to come from trusted sources. The Abnormal Integrated Cloud Email Security (ICES) platform profiles known good behavior and analyzes over 45,000 signals to detect anomalies that deviate from these baselines, and then precisely blocks all socially-engineered and unwanted emails—both internal and external—and detects and remediates compromised accounts.

Organizations that require comprehensive inbound email protection are stuck with multiple products, incompatible architectures, unnecessary expense, and management overhead. With ICES, you can simplify your stack by eliminating the redundant email gateway layer and re-enabling and enhancing Microsoft’s cloud gateway capabilities.

By deeply understanding entities—users and vendors, their behavior, relationships, and tone and content shared—Abnormal ICES precisely detects anomalies and blocks attacks that regularly evade Microsoft, Google, and secure email gateways.

Your organization’s security posture is only as strong as the security posture of your vendors. Soon after integration, ICES reviews all your emails to extract your vendor relationships. It monitors your vendors for security risks observed across the entire enterprise ecosystem, automatically identifies when vendor accounts have been compromised, and protects your end users from them.

Abnormal ICES centralizes user-reported phishing attacks, and automatically investigates, remediates, and notifies reporters on the results. Approximately 90% of submissions are known to be safe emails, and this automation saves security teams many hours each week.

Fully automate triage, investigation, remediation, and reporting, for both auto-detected and user-reported email threats. Abnormal natively integrates with SIEM and SOAR tools to enrich insights and to orchestrate workflows.

Use Search and Respond to rapidly contain missed attacks or misdirect emails with sensitive information. Detection 360° provides an opportunity to have false negatives or false positives reviewed and remediated promptly, by the Abnormal team.

Abnormal learns end-user preferences by observing how they move messages between folders, allowing it to automatically create and manage individualized safe and blocklists, as well as deliver spam and graymail to junk and promotional folders respectively. End users no longer have to rely on spam and quarantine digests to salvage missed messages.

Centralize metrics, insights, and actions across email security solutions, and the management of global blocklists across hundreds of tenants, from a single pane of glass.

The Abnormal cloud-native API architecture simplifies deployment and improves response times. Get started today.