Abnormal

Abnormal is a cloud-native email security platform that utilizes AI-powered behavioral data science to protect organizations from sophisticated, targeted email attacks. Their mission is to eliminate advanced email attacks that exploit human vulnerabilities. They aim to achieve this by analyzing communication patterns, content, and relationships to identify and block malicious emails that traditional security measures often miss. Abnormal has a strong market reputation, recognized for its innovative approach, high efficacy, and seamless integration with existing cloud email platforms. They are trusted by a significant portion of Fortune 500 companies and are highly recommended by market leaders. Gartner has recognized Abnormal as a “Leader” in the Magic Quadrant for Email Security Platforms.

Offerings, Integrations, and Capabilities

Abnormal offers a comprehensive suite of email security solutions designed to protect organizations from various email-borne threats. Their platform boasts a modern, API-based architecture that facilitates quick deployment and seamless integration with existing security ecosystems. Key capabilities include:

• Behavioral AI and Anomaly Detection: Abnormal analyzes vast amounts of data to establish baseline behavior for each user and identify deviations that indicate potential threats. This includes analyzing communication patterns, content, and relationships between senders and recipients.
• Cloud-Native Architecture: The platform is built for the cloud, enabling rapid deployment, scalability, and seamless integration with cloud email platforms like Microsoft 365 and Google Workspace.
• API-First Approach: The API-based architecture allows for easy integration with other security tools, such as SIEM, SOAR, EDR/XDR, IAM, and ITSM solutions, enabling comprehensive threat monitoring and automated incident response.
• Automated Remediation: Abnormal can automatically remediate threats by blocking malicious emails, quarantining suspicious messages, and taking other actions to protect users and the organization.
• Comprehensive Visibility: The platform provides detailed insights into email traffic, user behavior, and threat activity, enabling security teams to understand and respond to threats effectively.

Key Products and Services

Abnormal’s core product is its Inbound Email Security platform, which protects against targeted attacks such as credential phishing, business email compromise (BEC), and supply chain fraud. Other key offerings include:

• Email Account Takeover Protection: This solution prevents unauthorized access to email accounts by detecting and blocking suspicious login attempts, mail rule changes, and other indicators of compromise.
• Email Security Posture Management: This offering helps organizations assess and improve their email security posture by identifying vulnerabilities and providing recommendations for improvement.
• AI Security Mailbox (formerly Abuse Mailbox Automation): Automates the processing and analysis of emails reported to the abuse mailbox, enabling security teams to identify and respond to threats more efficiently.
• Email Productivity: Provides tools to enhance email productivity, such as automated graymail filtering and other features that reduce clutter and improve workflow.

While the company’s flagship product is Inbound Email Security, they are expanding beyond email to offer autonomous AI-powered solutions for other applications. New products and services are often introduced through the Abnormal Marketplace.

Target Customers and Benefits

Abnormal primarily targets large enterprises across various sectors, including those heavily reliant on email communication. They serve a significant portion of the Fortune 500 and have a growing customer base. Key customer benefits include:

• Protection against Advanced Threats: Abnormal stops sophisticated attacks that bypass traditional security measures, protecting organizations from financial loss, data breaches, and reputational damage.
• Reduced Security Costs: By automating security operations and reducing the need for manual intervention, Abnormal helps organizations lower their overall security costs.
• Improved Security Posture: The platform provides valuable insights into email security vulnerabilities and helps organizations strengthen their defenses against future threats.
• Simplified Security Management: The cloud-native platform and seamless integrations simplify email security management, freeing up IT resources for other critical tasks.
• Increased Productivity: Features like automated graymail filtering and other productivity tools help improve workflow and reduce email clutter.

Cloud Integrations and Marketplaces

Abnormal integrates with various cloud platforms and has a presence on several cloud marketplaces:

• Microsoft 365: Direct integration for seamless email security.
• Google Workspace: Direct integration for comprehensive email protection.
• AWS Marketplace: Available for purchase and deployment on AWS.
• Microsoft Azure Marketplace: Available for purchase and deployment on Azure.
• Other Integrations: Okta, Salesforce, ServiceNow, AWS, Workday, Azure Active Directory, Ping, Atlassian, Box, DocuSign, Dropbox, Google Drive, Slack, Zoom, Zendesk, Elastic, CrowdStrike Falcon, and ServiceNow.

Key People

• Evan Reiser: Co-Founder
• Sanjay Jeyakumar: Co-Founder

Key Facts

• Headquarters: San Francisco, California, USA
• Number of Employees: Approximately 310 (US-based)
• Publicly Listed: No

Analyst Group Recognition

• Gartner: Recognized as a “Leader” in the Magic Quadrant for Email Security Platforms. They are also recommended for their simplicity of evaluation, additional visibility into internal traffic, and ability to detect suspicious behavior.