Displace SEG Head

Displace Your Secure Email Gateway (SEG)

Eliminate the need for your SEG when you combine Abnormal Integrated Cloud Email Security (ICES) with the native security capabilities of Microsoft 365.

SEGs Are Becoming Obsolete

As enterprises shift to the cloud office, attackers are finding new ways to attack. They are circumventing the secure email gateway and exploiting the open, connected nature of the cloud to move laterally across applications. Key issues with the SEG include:

Missed Attacks

The SEG detects based on static, known-bad indicators, which means it fails to identify text-only attacks, and has no risk context across vendors or partners.

Outdated Architecture

Because there is no native cloud-based API integration, the SEG is unable to leverage the thousands of cloud insights or see into 
East-West traffic.

Complex to Manage

In addition to having redundant capabilities with native Microsoft 365 security, the SEG requires multiple dashboards and needs constant tuning to maintain.

The Solution:
Abnormal ICES + Microsoft

Abnormal Integrated Cloud Email Security (ICES) displaces the redundant, outdated SEG and enhances the built-in protection of Microsoft 365. The solution blocks the full spectrum of attacks with a modern, API-driven, cloud-native solution, informed by innovations in AI-based behavioral data science.

View insights and actions—from edge protection, spam, and malware, down to user-reported email attacks—and manage blocklists across hundreds of tenants in one place.


“Our secure email gateway solution was failing to stop advanced high-risk/low-volume email attacks like BEC, which created a significant risk exposure to the company. Abnormal’s AI-based solution was the best intelligent, context-aware email security platform available.”

Gopal Padinjaruveetil,
CISO, Auto Club Group-AAA
SEG 3 D Background

Integrated Cloud Email Security Benefits

Integrated Cloud Email Security Benefits

Protects Against the Broad Spectrum of Email Attacks

Abnormal profiles known-good behavior within your environment and analyzes over 45,000 signals to detect anomalies that deviate from the baseline.

By understanding what is normal, Abnormal can block the malicious and unwanted emails that bypass other solutions.

Integrates Insights Reporting Update 1

Simplifies Email Security Architecture

Abnormal ICES simplifies email and security architecture, eliminating the complexity of secure email gateways. Our modern, cloud-native solution integrates via API and deploys in minutes.

Automates SOC Operations Update 1

Automates SOC Operations

Abnormal fully automates email triage, remediation, and reporting, bringing together all auto-detected and user-reported threats into a single interface.

Analysts can use search and respond functionality to rapidly contain missed attacks or misdirected emails.


Improves Your End User Experience

Abnormal provides a native Microsoft email experience that puts an end to spam digests and portals.

The platform learns each user’s preference as they move emails between folders within their mailbox. This personalized understanding enables Abnormal to deliver incoming emails directly into the folder, giving end users an immersive email experience.


Displacing Your SEG with Abnormal ICES

Before ICES

When email migrated to the cloud, in most cases, the SEG went with it. As a result, organizations were stuck with multiple products and incompatible architectures, which often forced them to disable Microsoft 365’s native protection.

This complicated architecture left Microsoft capabilities unused, created high overhead for security teams and end users, and introduced points of failure in the path of mailflow.



When you choose to simplify your email security with Microsoft and Abnormal ICES, not only can you deprecate your SEG, you can also re-enable and enhance Microsoft's threat intelligence-based protection with Abnormal's behavioral AI.

With this modern, simplified architecture, you enhance your protection against the full spectrum of attacks and unwanted email.


Providing a Unique Approach to Block Attacks

See what makes Abnormal different from traditional gateways.

Protects Against Attacks with High Efficacy

Precisely blocks all socially-engineered and unwanted emails that evade secure email gateways.

Illustration 2
Deploys via API in Minutes

Integrates via API with no configuration or policies needed, and no changes to mail flow required.

Illustration Fed Data
Federated Data Across Employees and Vendors

Identifies when third-party vendors have been compromised across all customers to block malicious emails.

Illustration 3
Automates SOC Operations

Fully automates email triage, remediation, and reporting, saving time for your SOC team.

Illustration 4 v2
Email Account Takeover Protection

Prevent account takeovers with a solution that deeply understands and baselines normal user behavior to uncover potentially compromised accounts and then immediately remediate them.

Illustration 5
Improves Your End User Experience

Gives you a consumer-grade end user experience that puts an end to spam digests and portals.


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

See a Demo
Integrates Insights Reporting 09 08 22

Related Resources

Blog series c cover
When we raised our Series B funding 18 months ago, I promised our customers greater value, more capabilities, and better customer support. We’ve delivered on each of those promises and as we receive an even larger investment, I’m excited about how we can continue to further deliver on each of them.
Read More
Wall street journal logo
Four-year-old company is now valued at $4 billion as email security takes center stage. Email security company Abnormal Security Corp. has raised $210 million in a Series C funding round led by Insight Partners.
Read More
B Gartner Highlights 1
The Gartner Market Guide for Email Security explains what integrated cloud email security (ICES) solutions are and why they’re essential for modern enterprises. Download a copy now to learn why enterprises are moving away from the SEG.
Read More
Resource 02 CISO
Business email compromise (BEC) is the most significant cybersecurity threat to enterprise organizations, with $2.4 billion lost in 2021 alone. This type of email attack occurs when a cybercriminal uses social engineering to impersonate a trusted contact—typically an executive, coworker, vendor, or partner.
Download Now
Resource 03 COATS
With Abnormal ICES layered over Microsoft Defender, Coats employees are free to focus on continuing the company’s 250-year tradition of innovation, rather than sorting through emails and trying to assess the risks.
Watch Now
Resource 04 Threat Report
Our threat report on ransomware shares insight on attack methods, locations, payouts, and more across 4,200 victims.
Download Now
B 03 25 22 CISCO Guide to VEC
Supply chain compromise attacks can cause substantial financial loss through invoice or payment fraud. Learn how and why attackers leverage compromised accounts from vendors to launch attacks that are specifically designed to bypass traditional email security.
Download Now
Fortune 200 wealth cover
As a leader in insurance and asset management, this Fortune 200 company recognizes that its security must protect its employees and customers from cyber attacks. Customers place their trust and their assets in the control of this company, so the security team built a robust solution reducing risk, gaining visibility, and securing user identity—the new perimeter.
Read More
B 05 23 22 ICES Solution Brief
Abnormal Security leverages advanced behavioral data science to stop the full spectrum of email attacks.
Read More