Supercharge your SOC workflows and save time with AI-assisted investigation, auto-remediation, follow-up, and reporting. Abnormal provides a frictionless method for user-reported phishing attacks to be submitted, triaged and reviewed. The platform automatically triages phishing attacks and suspicious email submissions using behavioral AI, and then automatically investigates, remediates the entire email campaign, and notifies the reporters of the results. This automation provides security teams with up to an 80% time savings on investigation and reporting.

View All User-Reported Attacks in One Place

Abnormal Abuse Mailbox organizes all user-reported emails, including their original messages and headers, across all Microsoft Office 365 and Google Workspace tenants into a single view.

You can quickly view quantitative highlights of submissions displayed by malicious, safe, and spam messages, as well as remediated campaigns and messages.

abuse mailbox automated dashboard

Automatically Triage User-Reported Email Attacks

Abuse Mailbox automatically investigates submissions, and if found malicious, gathers other emails within the phishing campaign, removes them, and reports back to the submitter.

When you submit missed attacks or false positives, a dedicated team of experts investigates them to fix the incident, improve detection efficacy, and provide you with a summary of the steps taken.

integrated cloud email security automates soc reporting

Provides Intelligent and Thorough Remediation

Since Abnormal natively integrates with your cloud email service, it scans every email as it is sent, replied to, or forwarded within your email environment.

When an email is found malicious, Abuse Mailbox intelligently gathers all similar and related messages, remediates the entire campaign, and follows up with end users appropriately.

abuse mailbox malicious email response options

Rapidly Contain Misdirected Email

Find and remediate emails across some or all of your tenants with Abnormal Detection 360° search functionality built for rapid response.

Search for specific emails by sender, recipient, or subject, find emails sent within specific time frames, and then remediate them in bulk. Removing emails and their engagements is necessary when sensitive data is misdirected or if an attack is missed.

All search activity is recorded for any audit or compliance requirements.

abnormal security search and respond remediating misdirected emails

Track How Abnormal Gets Better Every Day

When you submit missed attacks or false positives, a dedicated team of experts investigates them to fix the incident, improve detection efficacy, and provide you with a summary of steps taken.

D 06 UI Screen detection360 v2 2x

Abnormal SOC Automation Key Capabilities

  • Complete Abuse Mailbox Automation: Reduce your SOC workload by 80% or more.

  • Automated Remediation: Remove email campaigns that are deemed malicious post delivery.

  • Multiple Remediation Options: Permanently delete the email, quarantine it, or move it to another folder.

  • Frictionless Abuse Mailbox Reporting: Provide end users with an easy method to submit emails for further review.

  • Automated Employee Notification: Provide support notifications for safe and malicious email, directly to the user who reported it.

  • Collects and Categorizes: View the entire email attack campaign in one central location.

  • Search and Respond: Use global, multi-tenant email delivery search and removal to find and remediate all attacks.

  • Comprehensive Dashboards: View all reports and documentation within centralized dashboards.

  • Integrate with Third-Party Solutions: Post-remediate attacks detected by Proofpoint TAP Alerts and other solutions.

  • Seamless Integration with your Existing Security Stack: Integrate with ticketing systems such as ServiceNow and SIEM/SOAR tools including Splunk, LogRhythm, QRadar, Demisto, and more.

  • Platform Independent: Integrates with both Microsoft Office 365 and Google Workspace.

Detection 360°: Submit detection enhancements for false negatives and false positives for full feedback from Abnormal, and then view and filter these reports and their statuses.

Fully Automate Your SOC Workflows

Integrate with SIEM, SOAR, ITSM, and IAM solutions to enrich security insights and orchestrate workflows. If Abnormal doesn’t have the integration you need for your security stack, our bi-directional API-based architecture helps you set up your own custom integrations quickly and simply.

Deploys in Minutes and Proven to Save You Time

The Abnormal cloud-native API architecture simplifies deployment and improves response times. Get started today.

Demo 2x 1

See the Abnormal Solution to the Email Security Problem

Protect your organization from the attacks that matter most with Abnormal Integrated Cloud Email Security.

Related Resources

B 05 03 22 Using Modern Email Security Webinar
Secure email gateways (SEGs) focus on searching for known bad domains, attachments, and links. But threat actors have changed their tactics—opting to deceive humans instead of technology. It’s time for a modern solution to the email security problem, one that detects and prevents these attacks.
Watch Now
Resource 05 Webinar
With the rise of modern attacks such as supply chain compromise, executive impersonation, and account takeover, it's become obvious: the SEG no longer works. Learn what you need for complete defense in depth protection.
Watch Now
Abonrmal overview cover
Abnormal provides a fundamentally-different approach to email security that precisely blocks all email attacks.
Read More
Abnormal microsoft data sheet cover
Complement Microsoft’s threat intelligence-based defenses with precise, behavioral analysis-based protection against all email and account takeover attacks.
Read More
Video 1
Abnormal can determine when legitimate end users have accessed accounts, or when a bad actor has accessed them, by understanding key attributes like common IP addresses, or if the device has been accessed...
Watch Now
Video 2
Socially engineered email attacks are the #1 security threat facing companies today, accounting for more than 44% of all cybercrime losses. To stop these types of sophisticated email attacks, you need a fundamentally new approach to email security.
Watch Now
Video 1
With Abnormal, security teams can now eliminate redundant email gateways and enhance Microsoft's built-in security capabilities. Once integrated via one-click API, Abnormal automatically profiles your VIPs and employees, their behavior, relationships, communication patterns...
Watch Now
Data sheet 1
Protect your end users from the full spectrum of targeted email threats: phishing, ransomware, fraud, social engineering, supply chain attacks, executive impersonation, spam, and graymail. Integrate with Microsoft 365 and Google Workspace via a one-click API without disrupting mail flow. No MX record changes, configuration, or custom policies are needed.
Read More
Data sheet 3
By understanding normal behavior, Abnormal can detect any deviations in these baselines to uncover potentially compromised accounts and then immediately remediate them. When left undetected, attackers can use compromised accounts to exfiltrate sensitive data or send lateral phishing emails.
Read More
Data sheet 2
Abnormal Security's Integrated Cloud Email Security (ICES) blocks socially-engineered attacks that secure email gateways miss.
Read More
Email security architectures cover
As organizations have moved their email servers from on-premise systems like Microsoft Exchange to cloud services like Microsoft 365, the range of permutations of email security solutions has also increased. See the range of security options available to organizations and how to solve for advanced threats.
Download Now
Cover ABX White Paper 04 12 22
Abnormal Behavior Technology (ABX) leverages innovative techniques to provide a revolutionary approach to detecting and mitigating targeted email attacks.
Download Now