Abnormal Blog

See how modern phishing attacks are built, why manual email triage creates operational risk, and how AI Security Mailbox speeds detection and containment.

The CIS Microsoft 365 Foundations Benchmark v6 codified two years of real-world breach patterns into 29 new controls. Here is what changed, and what every Security Posture Management tenant now evaluates automatically.

Learn how Abnormal’s AI Detection Agents analyze customer-reported attacks, identify behavioral patterns, and iteratively generate detectors that generalize beyond static indicators.

See what changed, what was deployed, and what it caught—traceable evidence from every report to deployed protection.

Device code phishing allows attackers to hijack legitimate Microsoft 365 authentication flows and maintain persistent access. Learn how Abnormal AI detects compromise and helps contain account takeover activity.

Every vendor claims AI. The difference is whether the system reads intent or chases tactics. Here's what makes Abnormal's detection engine different.

Abnormal now inspects auto-forwarded Microsoft 365 email before it reaches tools like Salesforce, Zendesk, and ServiceNow, blocking phishing and BEC upstream.

A single compromised admin triggered 200,000 device wipes. Learn why rethinking security posture in Microsoft 365 is key to containing risk.

Security teams rely on employee reporting but struggle to measure its impact. Metrics like reporting activity, response times, and feedback loops reveal whether security awareness is driving real behavior change.

Learn how to layer Microsoft Teams policies, incident response playbooks, and automated remediation to defend against the threats native controls can't stop.

Vendor email compromise and impersonation are rising. See how VendorBase delivers continuous vendor discovery and real-time risk analysis—powered by federated intelligence—to stop vendor fraud faster.

See how the Abnormal Behavior Platform delivers immediate value by stopping advanced email attacks, remediating account takeovers, automating user-reported email triage, reducing graymail, and strengthening security posture.

How modern account takeover attacks bypass traditional detection and how behavioral AI actually stops them.

Abnormal Email Productivity automates graymail management to reduce inbox noise, cut manual effort, and free lean SOC teams to focus on higher-value security operations.

Learn how Abnormal's behavioral model uses signals, recency, and context—not just clicks—to deliver a more accurate and actionable phishing risk score.

Protect Microsoft Teams from malicious files and phishing. Learn how real-time attachment scanning and auto-remediation reduce risk and dwell time.

See how attackers weaponized a legitimate vendor's Microsoft 365 account to deliver a French-language VEC attack that cleared every standard authentication check.

AI Phishing Coach helps mitigate human risk with a new dynamic scoring dashboard and realistic BEC/VEC simulations.

Attune 1.0 transforms detection with a unified behavioral intelligence architecture built for an AI-driven threat landscape.

Learn how explainable AI brings clarity to cloud email security, giving SOC teams insight into detection decisions and greater confidence in automated defenses.

Abnormal introduces Attune 1.0, new visibility and control capabilities, and advances in human risk management, marking the next evolution of behavioral security.

Abnormal’s revamped Email Productivity Dashboard makes it easy to measure graymail impact, track deployment, and export executive-ready reporting on hours saved, coverage, and trends.

Abnormal transforms every employee-reported email into automated remediation and personalized coaching without increasing SOC workload.

Learn why behavioral AI outperforms static rules in detecting account takeover, reducing false positives while uncovering sophisticated identity attacks.