ABX: Abnormal Behavior Technology

Unprecedented protection against all types of email attacks by analyzing dozens of data sources including unique data available from email platform APIs.

  • Takes a data-science approach
  • Uses unique, organized specific data
  • Triangulates Identity, Relationship, and Content of emails
+ + +

Identity Modeling

  • Name & Role
  • Personal Email addresses
  • Login Events (Times & Locations)
  • Known customer/vendor integration

Relationship Graph

  • Individual communication patterns
  • Organizational communcation patterns
  • Email Client behavior

Content Analysis

  • Topic, Tone and Sentiment analysis
  • Attachment analysis
  • URL link analysis

Abnormal Architecture

01 Abnormal Identity Model

Stateful Identity Model of employees and external entities.
Data sources for modeling include:

  • Email: inter- and intra-domain
  • Directory, User Contact Lists
  • Security and User Event Data

02 Abnormal Relationship Graph

Graph of communication patterns.

  • Map of communications internally
  • Relationships to contacts at vendors/customers
  • Strength and type via analysis of topic, tone, and frequency

03 Abnormal Content Analysis

Analyzes the content within each message, including any attachments and links, to understand what is being communicated. Techniques include:

  • Computer Vision Techniques
  • Deep URL Analysis
  • Natural Language Processing
  • Threat Intelligence

04 ABX: Ensemble Machine Learning Models

The Identity Model, Relationship Graph and Content Analysis results are fed into an ensemble of machine learning algorithms designed to identify specific types of attacks and techniques.

The final disposition is made by the ABX Decision Engine, complete with clear, concise, and explainable insights.