Replace Your Secure Email Gateway
Modern Attacks Need Modern Email Protection
Precisely block never-seen-before email attacks that regularly evade secure email gateways using an API and machine learning approach.
44% of all cybercrime losses are due to socially engineered email attacks
$93,000 average loss to businesses from business email compromise
25% chance of receiving a supply chain compromise attack each week
Legacy SEG Architecture
No native cloud-based API integrations
Limited visibility into East-West traffic
Lack of internal email context leads to low efficacy
Outdated Known Bad Approach
Rules and policies based
Detected based on known-bad indicators
No vendor risk context for supply chain attacks
Limited Cloud Platform Signals
Little to no visibility into user event attributes
Limited visibility into compromised accounts or credentials
Unable to access and leverage thousands of cloud signals
“We’ve deprecated our email gateway and now rely on Microsoft and Abnormal for protection. We’ve enabled gateway functionality in Microsoft 365, which had been disabled when our gateway was active.”
Justin Yoshimura,
CEO, CSC Generation
Problem: 1. Business Email Compromise (BEC) evades SEGs.
In the current threat landscape, bad actors evade detection by avoiding the use of phishing links, malware, or ransomware in their attacks. Instead, these attacks have become highly sophisticated, using text-only social engineering techniques.
Since SEGs rely on conventional threat indicators and do not comprehend the communication or context within the email, these attacks are often delivered to the user's inbox.
Solution: 1. Abnormal provides precise protection against BEC attacks.
Unlike secure email gateways, Abnormal scans every email, including internal messages, using natural language processing (NLP) and natural language understanding (NLU) algorithms to identify anomalous behavior.
The algorithms detect suspicious activity by analyzing the topic, tone, and sentiment, and cross-reference this with other high-fidelity signals from our detection engine to block text-only email attacks.
Problem: 2. SEGs leave you vulnerable to supply chain compromise attacks.
Here is a real customer example of a modern attack launched against a Fortune 100 company that evaded the SEG. The attacker impersonated a vendor to trick an unsuspecting employee into transferring $753,000 to a new bank account.
The SEG determined the attack to be a legitimate email, as it was looking for known-bad IOCs while the attacker was using never-seen-before tactics to exploit human behavior—a text-based email with no malicious links and no malicious attachments.
Solution: 2. Abnormal prevents supply chain compromise.
Only Abnormal scans all emails to automatically compile a list of your organization’s vendors and their contacts. Abnormal then continuously monitors them for security risks observed across the entire enterprise ecosystem to block supply chain fraud attacks.
Abnormal detects these sophisticated supply chain attacks by combining natural language processing (NLP) with a variety of critical cloud signals and behavioral models.
Problem: 3. SEGs lack visibility, leaving gaps in your email security.
SEGs create a disjointed security architecture. Because SEGs are designed to be deployed at the perimeter, they have little to no visibility into internal (east-west) email communications to identify and prevent account takeovers, lateral phishing attempts, or unwanted email content.
Solution: 3. Abnormal inspects every email to provide complete visibility.
Abnormal’s API-based security approach leverages a direct and native integration into Microsoft 365 and Google Workspace.
This behavioral-based analysis precisely strikes down email threats within milliseconds, including lateral phishing and never-before-seen socially-engineered email attacks, without delaying email delivery or introducing single points of failure like SEGs.
Cloud-Native and API-Based Architecture.
Abnormal has one-click API integration into cloud email solutions like Microsoft 365 and Google Workspace. The native API integration provides visibility into inbound, outbound, and internal east-west email from cloud email providers for better detection and remediation of attacks.
Behavioral Approach.
Abnormal’s approach is based on baselining the known good behavior and detecting anomalies for a higher efficacy in blocking modern attacks. There are no custom rules or policies. Instead, the machine learning engine continuously combines a wide variety of signals to build models that focus on identity, relationships, and context.
Leverages the Full Power of Cloud Signals:
Abnormal integrates directly into the cloud email provider through APIs, which provides exclusive access to 45,000+ cloud-based signals, including critical information like sign-in events, compromised credentials, and more.