Abnormal Security Reviews

Name: Abnormal Security
Brand: Abnormal Security
Rating: 4.8 (9 reviews)

4.8 out of 5

9 reviews
100% willing to recommend

What is Abnormal Security?

Abnormal Security is a cloud-based email security platform designed to protect organizations from advanced targeted attacks, such as phishing and business email compromise (BEC), and account takeovers. Their approach is centered on using artificial intelligence (AI) and behavioral data science to detect anomalies in email activity.

Get the Abnormal Security Buyer's Guide and find out what your peers are saying about Abnormal Security, Microsoft Defender for Office 365, Darktrace and more!

Abnormal Security is the #3 ranked solution in top Secure Email Gateway (SEG) solutions and #9 ranked solution in top Email Security solutions. PeerSpot users give Abnormal Security an average rating of 9.6 out of 10. Based on the analysis of the 9 most recent Abnormal Security reviews, the overall sentiment is positive, with a sentiment score of 7.9. (Among the highest in the category). Abnormal Security is most commonly compared to Microsoft Defender for Office 365: Abnormal Security vs Microsoft Defender for Office 365. Abnormal Security is popular among the large enterprise segment, accounting for 57% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 15% of all views.

Helped 816,406 peers since 2012

Featured reviews

William Schellhaas

Senior Director of IT at Crunch Fitness West Florida and Atlanta (CR Fitness)

The ideal scenario would be for Abnormal Security to work in tandem with Microsoft to analyze incoming emails. This means Abnormal Security would assess emails before they reach my inbox, even if it happens slightly after Microsoft's initial scan. Currently, the process isn't seamless. Microsoft analyzes emails and delivers legitimate ones to my inbox. Abnormal Security then scans these delivered emails, and if flagged as malicious, they disappear. This creates a problem for our ticketing system mailbox, which is a third-party service. Emails sent to the ticketing system address are automatically forwarded by Microsoft. However, if these emails are malicious, Abnormal Security only cleans them from my Outlook mailbox after they've been forwarded. Since we primarily rely on the ticketing system and not the Outlook mailbox, these malicious emails still reach the ticketing system.

Read full review

Christopher Chambers.

Vice President of Information Security at Comfort Systems USA Inc

I'm impressed with their API architecture. One of the main reasons is its invisibility to threat actors trying to launch attacks. Unlike our traditional email security tools in the SEG, which attackers can easily detect before they even start emailing us, the API remains hidden until they've already begun their attack. This gives us valuable early visibility via the API, allowing us to easily pipe that data to other tools and stop advanced attacks more effectively. The improved visibility into our email infrastructure also benefits our IT teams. Using the API integration, they can now remediate issues in minutes, whereas before it could take hours. Previously, identifying an inbound cyber attack meant bouncing between several tools: one to identify the attack, another to track affected emails, and yet another to quarantine them. Abnormal's APIs streamline this process. With a single search, an IT technician can identify users who received the emails, track who clicked on them, see where the emails are located, and even delete them from everyone's inbox directly. This has drastically reduced our investigation and response time for phishing and BEC attacks, from hours to mere minutes. Compared to many other vendors we considered, Abnormal Security stands out in its ability to detect the full spectrum of email threats. While our existing Secure Email Gateway handles traditional threats like spam and malware quite well, it often misses more sophisticated attacks. The SEG relies on static indicators like email flags, suspicious file hashes, or mass recipient lists. We can easily identify and filter out emails matching these criteria, but they do little to stop targeted attacks. Here's where Abnormal Security shines. Their anomaly detection engine excels at recognizing one-off attacks, including those where a threat actor infiltrates a vendor's mailbox and manipulates payment instructions or redirects transactions. Abnormal identifies these anomalies using behavioral analysis, effectively catching threats that traditional static methods typically miss. The two main benefits Abnormal Security offers us are its ease of use and its powerful search capabilities. These features empower our internal teams to get more involved in the response process, helping us track down threats efficiently. Additionally, Abnormal's ability to stop advanced attacks significantly reduces our security team's workload. Security teams are consistently stretched thin, so minimizing wasted effort chasing false alarms is crucial. By keeping harmful emails out of user inboxes, Abnormal allows us to focus on other priorities. In summary, our primary gains from Abnormal are its effectiveness in blocking attacks and its ability to empower our internal teams, ultimately strengthening our overall security posture. Abnormal Security's AI and machine learning capabilities significantly expand the range of email attacks they can block. This is crucial to optimizing their product's performance for us. Specifically, their ability to leverage AI indicators and extensive email telemetry is critical for stopping advanced threats, like compromised mailboxes sending disguised emails. Traditional methods often fall short in such scenarios. Our primary concern is identifying emails sent by a threat actor posing as a legitimate mailbox owner. AI-powered anomaly detection proves virtually indispensable in discerning the true sender's identity. Abnormal Security has identified and prevented several such sophisticated attacks in our own experience. One remarkable example involved a vendor's seemingly legitimate email flagged as suspicious by Abnormal. Initially dismissed as a false positive by our first responders, a deeper analysis of the email's telemetry revealed subtle anomalies. The email's sudden shift to a professional tone, unlike the typically casual communication with this vendor, was one such anomaly. As it turned out, Abnormal's suspicions were correct – the vendor's account had been compromised. This instance highlights the unparalleled effectiveness of AI in detecting sophisticated email threats. By focusing on abnormalities in email behavior, AI can uncover hidden dangers that might otherwise elude traditional security measures. The deployment of AI has significantly reduced the number of internal attacks we encounter, and it has even extended its benefits beyond our perimeter. We've proactively alerted several customers and vendors about potential compromises before they even realized their systems were under attack. This proactive approach has been well-received, with many recipients expressing their appreciation for our timely intervention. Within our organization, AI has dramatically streamlined our security operations by automating the analysis of sophisticated attacks, freeing up valuable time and resources for our security teams. Abnormal Security has dramatically reduced the time our team spends resolving email incidents. What used to consume hours or even days, depending on the attack and response complexity is now handled within minutes, often by less experienced team members. This has significantly improved our efficiency and freed up valuable time for other security tasks. Although no product can eliminate attacks, we've been pleasantly surprised by the effectiveness of Abnormal Security. Initially, when we approached them with our use case and problem, we'd have been happy with a much lower catch rate. Stopping even a significant number of attacks would have been a success. But the actual results have been incredibly impressive. While some attacks still slip through, the features in Abnormal allow us to feed those cases back into their system. This feedback fuels the AI's learning process, helping it avoid repeating the same mistakes. Interestingly, the attacks that remain undetected are often difficult to define even for human analysts. They involve subtle cues that would be challenging for any AI to spot in the specific contexts we've encountered. One example involved a new customer with whom we had exchanged only a handful of emails. While this customer's account became compromised, the attacker wasn't the usual contact person. Since the AI had only profiled the communication style of the usual contact, the malicious email appeared normal compared to that limited baseline. In such cases, where the AI lacks sufficient data, even exceptional systems can be caught off guard. While no product is perfect, we're highly impressed by Abnormal's speed and efficiency in catching attacks. They've dramatically reduced the workload on our help desk compared to the past, with the results being clear and measurable. Compared to our old solutions, Abnormal Security's incident response is like night and day. With our previous SEG, identifying and remediating a suspicious email was a cumbersome process. We'd flag the email, then jump through hoops to figure out who received it and if anyone clicked on it. With different modules and separate views, it was a mess. Once we confirmed the threat, another system hunt began, pulling emails from user inboxes. It was slow, fragmented, and frustrating. Abnormal is a breath of fresh air. If we spot a threat alert on the dashboard, we simply click on it to see all recipients, where the email sits, and who interacted with it. And then, the holy grail – a single button. Click 'Remediate', and those emails vanish from user inboxes, instantly neutralized. Just a button click from issue detection to resolution in seconds. All from one screen. That's the transformative power of Abnormal Security. Something our old solutions couldn't dream of.

Read full review

Robert Crowther

IT Manager at a media company with 501-1,000 employees

Abnormal Security's visibility into internal spam attacks, thanks to its API-based architecture, has been exceptional. It's incredibly fast, with no delays, unlike other solutions that can introduce lag times of up to ten minutes. For executives, this is unacceptable. Having direct API integration is a game-changer. It provides clear visibility into messages and is remarkably user-friendly. There's no need for days of training on the admin dashboard; it's intuitive and straightforward. Clicking here and there is all it takes to search for emails. The interface displays delivery details, current location, and the processing outcome, indicating whether the email was deemed spam and moved to junk or considered legitimate. Abnormal Security's full-spectrum email attack detection has proven effective in protecting us against various threats, including credential phishing, invoice fraud, extortion attempts, and name impersonation. On rare occasions where emails slip through the cracks, reporting them leads to swift remediation within two hours, accompanied by training updates to prevent similar occurrences. I haven't encountered similar emails after submitting reports. It is important that threats can be detected in cloud collaboration applications such as Slack Teams and Zoom. Anything that will help protect our organization is valuable. The Proof of Concept for Abnormal Security demonstrated its effectiveness by catching threats that Mimecast missed. Its AI and machine learning expand the range of email attacks it can stop, while also reducing false positives. We had significant issues with our previous provider, Mimecast, experiencing numerous false positives reported by various teams. When I suggested that the system should be smarter, the response was usually dismissive. Thankfully, I don't encounter this issue with Abnormal Security. The biggest example I can give involves impersonation attacks. With Mimecast, any new employee creating an account on Thursday and then receiving emails from our recruiting team on the same day would trigger an impersonation alert, despite the recruiting team having prior interactions with that person. Abnormal Security, however, recognizes that the new account was recently created, the older account has a history of sending emails, and there was prior communication between the two accounts, accurately concluding that this is not an impersonation attempt. While we could potentially collect flight data to further solidify this, Abnormal Security's intelligence allows it to understand that such activity from a new employee is legitimate. We haven't experienced any false positives or false negatives with Abnormal Security. The AI and machine learning capabilities have helped reduce the number of attacks that get through. We have another solution that we placed in front of Abnormal Security for added security and we found that Abnormal Security is catching emails that were phishing extortion invoice fraud that the other solution didn't recognize as a threat. Abnormal Security has reduced the amount of time our team spends on email incidents by a minimum of four to five hours per week. It helped reduce the cost of redundant security email gateway solutions. Previously, our solution lacked warnings about potential security issues. Abnormal Security, however, has identified a couple of instances where it flagged suspicious activity. For example, it might alert us that someone's account seems compromised and suggest taking action. If we don't intervene, Abnormal Security will automatically handle the situation. Importantly, these alerts provide valuable insights we never had before, such as identifying VPN usage. This increased visibility significantly enhances our security posture.

Read full review

Abnormal Security mindshare

As of November 2024, the mindshare of Abnormal Security in the Email Security category stands at 6.7%, up from 2.7% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Email Security

Key learnings from peers

Last updated Nov 21, 2024

Valuable Features

Users find that the valuable features of Abnormal Security include its comprehensive email security capabilities, advanced threat detection technology, strong protection against phishing attacks and its behavioral AI engine. The behavioral AI engine used to analyze email activity and identify anomalies that deviate from normal user behavior.

Customers appreciate the ease of use in setting up and managing the platform, along with its ability to accurately filter out suspicious emails and prevent potential cyber threats. The robust security measures implemented by Abnormal Security help businesses safeguard their sensitive information and maintain a secure email environment.

"I like Abnormal's threat protection with auto-remediation, but I also love its abuse mailbox feature, which automatically responds to the end user. That feature has a super-valuable security component and helps improve the user experience."
"I have never encountered any stability issues with Abnormal."
"The features that appeal to me most are the combination of auto-remediation and Detection 360."

Room for Improvement

Several users have pointed out the need for better integration with other email platforms. Specific example is that Abnormal Security should ideally analyze emails in coordination with Microsoft before they reach the inbox. Currently, the process is disjointed, causing malicious emails to be forwarded to the third-party ticketing system before Abnormal Security can remove them from the Outlook mailbox, leaving the ticketing system vulnerable.

Some users have complained about occasional delays in email delivery. Others have suggested improvements in the reporting and analytics features to provide more detailed insights.

"Abnormal should add more automatic reports. I have an open request to our account team for more notification and report types that can be sent automatically. For example, they have an awesome report that gets sent weekly, and I also want them monthly, so I don't need to do so much adding up when my director wants numbers over time."
"The ideal scenario would be for Abnormal Security to work in tandem with Microsoft to analyze incoming emails."
"One feature I'd love to see is outbound scanning."

ROI

Abnormal Security users have reported improved security, reduced threats, and overall effectiveness in protecting their organization.

Pricing

Users have generally found that the pricing of Abnormal Security reasonable and competitive compared to other Email Security solutions. Specifically, users mentioned that the initial setup cost was minimal and the licensing model was straightforward.

"Abnormal Security, on the other hand, provides the same level of functionality for just over $60,000 – that's half the price!"
"The pricing appears fair, and they demonstrate a genuine willingness to work with us on it."
"Overall, we'd certainly prefer lower pricing, but Abnormal Security doesn't seem unreasonable compared to similar offerings in the market."

Popular Use Cases

The primary use cases of Abnormal Security are protecting email communications, detecting and preventing threats, filtering out spam and phishing emails, and blocking malicious attachments. Users have reported that they rely on Abnormal Security to enhance their email security, identify and stop sophisticated attacks, safeguard sensitive information, and improve overall cybersecurity measures.

Service and Support

Customers frequently mention how helpful, responsive and efficient the customer service and support team at Abnormal Security is. They commend the team for being attentive, knowledgeable, and quick to resolve any issues or answer questions. Many users appreciate the personalized attention and thorough assistance they receive when interacting with the customer service and support staff at Abnormal Security. Overall, customers seem very pleased with the level of support provided by the company.

Deployment

The Abnormal Security deployment is reported to be straightforward, involving integration with Microsoft 365 using global administrator credentials, configuring alert settings, and setting up processes for handling security incidents. The entire setup can be completed within a few hours through a simple checkbox-based configuration.

Another user shared that authorization was easy, requiring only two clicks, and the API allowed seamless integration with existing security platform. The automated backend processes eliminated the need for manual configurations, making it one of the simplest security product deployments experienced by the team.

The implementation can be completed in-house with the help of Abnormal's deployment team.

Scalability

The scalability of Abnormal Security's solution receives consistently positive feedback from users, with many citing its ability to grow and adapt to their organization's changing needs over time. Users appreciate the seamless integration into existing systems and the ease of adding new users or features as their business expands. The solution is considered robust and flexible, proving to be a reliable choice for organizations of various sizes and industries.

Stability

Users have praised Abnormal Security's solution for being reliable and robust. They have noted that it provides a consistent and secure experience, giving them confidence in its stability. Additionally, customers appreciate the peace of mind that comes with knowing their email security is in good hands. Overall, users have found Abnormal Security's solution to be a dependable and trustworthy option for protecting their email communications.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Abnormal Security Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

10%

Manufacturing Company

Government

University

Healthcare Company

Retailer

Construction Company

Educational Organization

Comms Service Provider

Energy/Utilities Company

Insurance Company

Real Estate/Law Firm

Non Profit

Legal Firm

Consumer Goods Company

Wholesaler/Distributor

Outsourcing Company

Hospitality Company

Media Company

Performing Arts

Pharma/Biotech Company

Transportation Company

Leisure / Travel Company

Recreational Facilities/Services Company

Wellness & Fitness Company

Compare Abnormal Security with alternative products

Learn more about Abnormal Security

Abnormal Security is specializes in protecting email communications, detecting and preventing threats, filtering out spam and phishing emails, and blocking malicious attachments. Users rely on Abnormal Security to enhance their email security, identify and stop sophisticated attacks, safeguard sensitive information, and improve overall cybersecurity measures.

Abnormal Security targets sophisticated attacks that traditional email security measures might miss. Their system analyzes various data points to build an understanding of email behavior within your organization. This includes emails themselves, sender and recipient information, and even business context. By understanding these patterns, they can identify anomalies that might indicate a malicious attempt. Their solution is designed for the cloud, offering quick deployment and minimal configuration. This eliminates the need for complex setup processes often associated with security software.

Abnormal Security customers appreciate the ease of use in setting up and managing the platform, along with its ability to accurately filter out suspicious emails and prevent potential cyber threats. Abnormal Security has been praised for streamlining processes, boosting productivity, improving communication within teams, providing valuable analytics for informed decision-making, and driving success in various projects. Experience the robust security measures and benefits of Abnormal Security to safeguard your sensitive information and maintain a secure email environment.