AI-driven attacks are making it increasingly difficult for enterprises to protect both the people powering the business and the sensitive data they interact with each day. Threat actors now use automation and generative AI to craft highly convincing phishing campaigns, compromise identities at scale, and exploit valuable data across cloud and SaaS environments. Defending against these threats requires deep insight into both user behavior and data movement—context that is often fragmented across disconnected tools.

​​To help organizations meet this challenge, Abnormal AI is announcing a strategic partnership with Cyera, a company aligned in our mission to modernize enterprise cybersecurity through an AI-native approach. The partnership also includes a forthcoming integration designed to enhance how organizations detect early signs of compromise and understand potential data exposure. As part of this collaboration, Cyera will sponsor Abnormal Innovate, and the two companies will appear together as joint sponsors at RSAC.

This partnership marks an important step toward delivering a unified, AI-driven security model that connects attacker behavior, user activity, and cloud data risk.

As adversaries adopt automation and generative AI, the speed and scale of modern attacks have changed dramatically. Threat actors are now able to:

• Launch highly tailored phishing attacks at scale

• Mimic trusted communication patterns

• Automate reconnaissance across cloud environments

• Rapidly identify and exfiltrate sensitive data once inside

In this environment, security teams need real-time visibility into both user behavior and data movement. Yet today, email and identity threats are often identified in one system, while data access and exposure risks surface in another. As a result, security teams often see isolated alerts without the broader context needed to understand how an attack unfolded or which data may be at risk.

This fragmentation makes it challenging to link early indicators of account misuse with the sensitive information that may be at risk. And in cloud ecosystems like Microsoft 365—where a single compromised account can access millions of data points—the lack of cross-domain visibility becomes a serious security gap.

Solving this challenge requires an AI-native approach that continuously learns, adapts, and correlates risk across users, identities, and data. Abnormal applies behavioral AI to model communication and authentication patterns for employees and vendors, enabling detection of phishing, business email compromise, account takeover, and other sophisticated threats that legacy tools miss.

Cyera brings AI-driven data intelligence that discovers and classifies sensitive data, maps where it lives, identifies who can access it, and tracks how it moves across cloud and SaaS environments. This gives security teams clearer insight into how data is exposed, misconfigured, misused, or exfiltrated.

Together, these complementary capabilities provide shared visibility across the attack chain, connecting early signs of compromise with the data most likely to be targeted or impacted.

As part of this partnership, Abnormal and Cyera are developing an integration that allows Cyera’s Omni DLP platform to leverage Abnormal’s insider risk and behavioral intelligence. This will help identify high-risk users and prioritize data loss prevention (DLP) alerts. The integration will provide clearer visibility into potential insider threats—both malicious and unintentional—and reduce data loss risk by helping security teams focus quickly on incidents involving suspicious activity and sensitive data exposure.

By combining shared signals and complementary AI models, the integration will help enterprises modernize their security stack with rich, contextual insight from detection through response.

1. Complementary Visibility Across Microsoft 365

​​Both platforms integrate with Microsoft 365 to provide shared visibility across email, identity, and data. Abnormal surfaces early indicators of compromise, while Cyera shows whether the same user is interacting with sensitive data across OneDrive, SharePoint, Copilot, and other M365 applications.

2. Connecting Email Attacks to Downstream Data Risk

A phishing email detected by Abnormal may be only the beginning. Cyera shows whether the compromised user viewed, moved, or exfiltrated sensitive data, helping incident and compliance teams assess breach impact and providing a full narrative from initial attack to potential data loss.

3. Confident, Risk-Based Prioritization

Security teams can focus attention on incidents involving both behavioral risk and access to sensitive data. This allows organizations to address the most critical threats first and respond with greater precision.

4. Clearer Insider Risk Detection

By combining Abnormal’s behavioral AI insights with Cyera’s understanding of data accessibility and exposure, security teams gain more accurate insider risk signals. The shared context helps identify compromised or risky users earlier and enables faster, more confident intervention.

5. A Future-Ready, AI-Native Defense Model

As AI-native platforms, Abnormal and Cyera continuously learn from behavioral and data signals, providing a scalable foundation for modernizing enterprise security as novel threats and environments evolve.

Explore how Abnormal and Cyera bring behavioral and data risk into clearer focus. Schedule a personalized demo.