Technology - Abnormal Security

ABX: Abnormal Behavior Technology

ABX: Abnormal Behavior Technology

Abnormal Behavior Technology

Unprecedented protection against all types of email attacks by analyzing dozens of data sources including unique data available from email platform APIs.

Takes a data-science approach

Uses unique, organized specific data

Triangulates Identity, Relationship, and Content of emails

Abnormal Behavior Technology

Abnormal Architecture

Abnormal Behavior Technology Architecture
01

Data Sources

ABX incorporates more sources of data than any other email security solution today. Using an API-based integration, ABX analyzes Email, Organizational Structure, Event Information, Threat Intelligence and more. Critically, the API integration also provides visibility into internal email traffic.

02

ABX Analysis

ABX analyzes this rich data to profile communications across 3 distinct perspectives:

  • Identity Model
  • Relationship Graph
  • Content Analysis

which are then consolidated by an ensemble of machine learning algorithms.

03

Products

ABX powers the Abnormal products to stop the full range of email attacks, detect email account compromise, and automate the bulk remediation of attacks across the organization.

 
01

Abnormal Identity Model

Stateful Identity Model of employees and external entities.
Data sources for modeling include:

  • Email: inter- and intra-domain
  • Directory, User Contact Lists
  • Security and User Event Data
Abnormal Identity Model
Abnormal Identity Model
01

Abnormal Identity Model

Stateful Identity Model of employees and external entities.
Data sources for modeling include:

  • Email: inter- and intra-domain
  • Directory, User Contact Lists
  • Security and User Event Data
Abnormal Relationship Graph​
02

Abnormal Relationship Graph

Graph of communication patterns.

  • Map of communications internally
  • Relationships to contacts at vendors/customers
  • Strength and type via analysis of topic, tone, and frequency
03

Abnormal Content Analysis

Analyzes the content within each message, including any attachments and links, to understand what is being communicated. Techniques include:

  • Computer Vision Techniques
  • Deep URL Analysis
  • Natural Language Processing
  • Threat Intelligence
Abnormal Content Analysis​
Abnormal Content Analysis​
03

Abnormal Content Analysis

Analyzes the content within each message, including any attachments and links, to understand what is being communicated. Techniques include:

  • Computer Vision Techniques
  • Deep URL Analysis
  • Natural Language Processing
  • Threat Intelligence
ABX: Ensemble Machine Learning Models
04

ABX: Ensemble Machine Learning Models

The Identity Model, Relationship Graph and Content Analysis results are fed into an ensemble of machine learning algorithms designed to identify specific types of attacks and techniques.

The final disposition is made by the ABX Decision Engine, complete with clear, concise, and explainable insights.