Email remains the most common entry point for cyberattacks, but today’s threats look nothing like the phishing campaigns of the past. Socially engineered lures, AI-generated messages, and invisible links now exploit identity patterns and behavioral context, making them difficult for both humans and legacy controls to detect.

To stay ahead, security teams need contextual insight they can rely on and automation that works transparently. That’s why Abnormal continues to invest in visibility, explainability, and speed across every layer of Inbound Email Security. Our recent releases give employees better visibility into how their inbox is protected, help analysts make faster decisions, and make investigations more transparent for everyone.

The update to Inbox Insights, now Email Digest, turns remediated message summaries into a cleaner, more contextual snapshot of the protection happening behind the scenes.

The redesigned digest adds sender and subject details so users can immediately see which messages were removed and why. Each section displays up to 50 messages for quick scanning, and product branding has been removed from the subject and body to make the notification feel native to the inbox.

By turning remediation updates into a simple daily or weekly summary, Email Digest helps employees stay informed, build trust in their defenses, and play an active role in organizational security.

Analysts need clear, consistent information to release or quarantine messages safely. With the latest updates, Abnormal judgments now appear alongside Microsoft’s in the Quarantine Release view of Search & Respond, providing a unified perspective for faster decisions.

Each message includes Abnormal’s behavioral score—Safe, Suspicious, or Malicious—bringing the same advanced analysis that powers Abnormal detection into the Microsoft 365 environment. Analysts can filter by Abnormal judgment and run time-based searches across all messages for audits, investigations, or incident response.

The result is a smoother, more reliable workflow that reduces context switching and shortens the path from alert to action.

Malicious links remain one of the most common entry points for attacks, and users deserve clarity about how their links are being protected. The new URL Rewriting explainability features provide that visibility, showing why protection was applied and giving analysts deeper insight into click activity.

Every protected URL now includes an explanation that builds user confidence in how Abnormal safeguards access. Security teams gain richer telemetry through standardized click-event data published to SIEM, including user, link, and threat details. This same context appears in the Click Tracking Dashboard and end-user warning pages, helping analysts trace clicks quickly and accurately.

By combining clarity with data depth, these improvements make link protection both easier to understand and more effective to manage.

Phishing campaigns are evolving to reach users through channels beyond traditional email, including calendar invites. To address this, Abnormal now automatically removes malicious or unwanted calendar events linked to remediated emails, keeping user calendars clean and trusted.

The release also adds a Calendar Invite Attack insight in the Threat Log, giving analysts immediate visibility into this emerging vector. With this capability, Abnormal extends the same behavioral intelligence that protects email to the broader Microsoft 365 environment.

Learn more about how Abnormal stops calendar-based threats in our dedicated blog on Calendar Invite Attacks.

These releases represent more than product evolution; they demonstrate Abnormal’s commitment to explainable, human-centered protection. Abnormal’s approach brings clarity to complex threats, empowering both users and analysts to act with confidence.

As attackers become more adaptive and deceptive, transparency and trust are becoming the new front line of defense. By focusing on visibility, speed, and simplicity, Abnormal continues to elevate what effective, user-first email security looks like.

To learn more about Inbound Email Security, schedule a personalized demo.