Abnormal Security vs. Mimecast

Abnormal blocks what Mimecast struggles to stop by leveraging behavioral AI to baseline known behavior, profile trusted vendors, and understand internal emails.

Block Malicious Emails That Others Miss

Modern email threats cost organizations billions of dollars annually, and current email security solutions struggle to prevent them. Emails impersonating employees and vendors trick users and secure email gateways alike. Archaic email security solutions focus on known-bad indicators of compromise like domain reputation, malicious attachments, and suspicious URLs. They don’t consider context and sender relationships, so they miss costly social engineering attacks.
By understanding regular email patterns and context, Abnormal catches these sophisticated email attacks. Abnormal brings a new approach to email security:
Identifies socially-engineered attacks like business email compromise (BEC) that legacy solutions miss.
Understands the known good baseline rather than relying on a clunky set of rules to spot red flags or suspicious signals.
Scans text-only and payloadless emails to understand context and flag unusual requests.
Recognizes compromised accounts within your supply chain without manual domain input.
Learn how it Works
We were looking to move to Mimecast, which was pretty cool. Then Abnormal came along and blew it out of the water with better functionality and a smarter way of doing things.
— Jim Robinson, CIO, SuperConcepts

Abnormal by the Numbers


BEC attacks blocked per customer per month.


Largest vendor fraud email attack prevented in 2021.


Malware attacks blocked per customer in 2021.

Get Insight Into Internal Vulnerabilities

Account takeovers are a frequent entry point for costly cyberattacks across enterprises.
Other email security solutions struggle to catch compromised accounts that can wreak havoc within an organization. But Abnormal monitors internal communications and east-west traffic to flag and automatically remediate compromised internal accounts.
Analyzes emails for external BCCs of unknown email addresses.
Flags new and unusual mail filter rule changes.
Identifies sender locations and IP addresses for unusual patterns.
Filters internal emails for suspicious requests like vendor payments.

Abnormal uncovers at least one compromised internal account during 79% of Fortune 1000 evaluations.

Identify Compromised Vendors Across Your Supply Chain

A single compromised account within an organization’s supply chain can open the door for costly email attacks. Other email security solutions have difficulty detecting a compromised vendor account or understanding vendor risk profiles since they lack visibility into partners. Abnormal detects compromised vendor accounts with high efficacy through VendorBase™, the industry’s first federated database that tracks external partners across all customers for suspicious signals. VendorBase provides a risk score for each partner based on the legitimacy of the vendor, spoofed or impersonated domains, and compromised accounts. By monitoring vendor communications across all customers, Abnormal can spot suspicious signals including unusual financial requests, changes to banking details, and irregular communications.

Email Security Doesn’t Have to Be Complicated

Account takeovers are a frequent entry point for costly cyberattacks across enterprises.
Traditional email security solutions come with a strenuous setup process that disrupts mail flow:
Rerouting emails
Modifying MX records
Reconfiguring firewalls
Disabling native Microsoft or Google security features
Legacy email security requires complicated filters and rules to avoid false positives and false negatives. And filtering emails through external gateways means you’re at risk of a service outage.

Email security shouldn’t be this difficult. Abnormal makes it easy.

30 seconds

Average time to integrate Abnormal with your cloud email platform.


Unified dashboard for all threat and attack analytics.


Custom rules or policies required.
Three-click API setup integrates with your existing email infrastructure.
Doesn’t require changes to mail flow or MX records.
Automates your abuse mailbox, freeing up substantial time for SOC analysts.

See the Abnormal Solution to the Email Security Problem

See how our email security solution protects your organization from the most sophisticated email attacks that bypass Mimecast.
Request a Demo
Request a Demo