Abnormal Security vs. Mimecast


Abnormal blocks what Mimecast struggles to stop by leveraging behavioral AI to baseline known behavior, profile trusted vendors, and understand internal emails.

Get a Demo

Block Malicious Emails That Others Miss


Modern email threats cost organizations billions of dollars annually, and legacy email security solutions struggle to prevent them. Emails impersonating employees and vendors trick users and secure email gateways alike.

Archaic email security solutions focus on known-bad indicators of compromise like domain reputation, malicious attachments, and suspicious URLs. They don’t consider context and sender relationships, so they miss costly socially-engineered attacks.

Trending Attacks

By understanding regular email patterns and context, Abnormal catches these sophisticated email attacks. Abnormal brings a new approach to email security:

  • Identifies socially-engineered attacks like business email compromise (BEC) that legacy solutions miss.
  • Understands the known good baseline rather than relying on a clunky set of rules to spot red flags or suspicious signals.
  • Scans text-only and payloadless emails to understand context and flag unusual requests.
  • Recognizes compromised accounts within your supply chain without manual domain input.
Learn How It Works

What Our Customers Say


Our customer-first approach is at the heart of everything we do.


“We were looking to move to Mimecast, which was pretty cool. Then Abnormal came along and blew it out of the water with better functionality and a smarter way of doing things.”

Jim Robinson, CISO, SuperConcepts

Super Concepts 01 1

Abnormal By the Numbers




BEC attacks blocked per
customer per month.



Largest vendor fraud email
attack prevented in 2021.



Malware attacks blocked
per customer in 2021.



Get Insight Into Internal Vulnerabilities


Account takeovers are a frequent entry point for costly cyberattacks across enterprises.


Other email security solutions struggle to catch compromised accounts that can wreak havoc within an organization. But Abnormal monitors internal communications and east-west traffic to flag and automatically remediate compromised internal accounts.

  • Analyzes emails for external BCCs of unknown email addresses.
  • Flags new and unusual mail filter rule changes.
  • Identifies sender locations and IP addresses for unusual patterns.
  • Filters internal emails for suspicious requests like vendor payments.
Insight Image

Abnormal uncovers at least one
compromised internal account during 79%
of Fortune 1000 evaluations.


Identify Compromised Vendors Across Your Supply Chain


A single compromised account within an organization’s supply chain can open the door for costly email attacks. Other email security solutions have difficulty detecting a compromised vendor account or understanding vendor risk profiles since they lack visibility into partners.

Abnormal detects compromised vendor accounts with high efficacy through VendorBase™, the industry’s first federated database that tracks external partners across all customers for suspicious signals. VendorBase provides a risk score for each partner based on the legitimacy of the vendor, spoofed or impersonated domains, and compromised accounts.

By monitoring vendor communications across all customers, Abnormal can spot suspicious signals including unusual financial requests, changes to banking details, and irregular communications.



Email Security Doesn’t Have to Be Complicated


Traditional email security solutions come with a strenuous setup process that disrupts mail flow:

  • Rerouting emails
  • Modifying MX records
  • Reconfiguring firewalls
  • Disabling native Microsoft or Google security features
  • Amending restricted IP addresses

And that's just implementation.

Legacy email security requires complicated filters and rules to avoid false positives and false negatives. And filtering emails through external gateways means you’re at risk of a service outage.

Modern Solution Ill 01

Email security shouldn’t be this difficult.
Abnormal makes it easy.

30 Seconds

Average time to integrate Abnormal with your cloud email platform.


Unified dashboard for all threat and attack analytics.


Custom rules or policies required.


Three-click API setup integrates with your existing email infrastructure.


Doesn’t require changes to mail flow or MX records.


Automates your abuse mailbox, freeing up substantial time for SOC analysts.

API Image
Demo 2x 1

Replace or Supplement Mimecast with Abnormal

See how our email security solution protects your organization from the most sophisticated email attacks that bypass Mimecast.