chat
expand_more

Introducing Security Posture Management (Generally Available)

Security Posture Management monitors high-impact configuration changes using behavioral insights from PeopleBase, AppBase, and TenantBase to help teams spot and respond to risky shifts in app permissions, user privileges, and security policies.
March 1, 2023
Major Release
Security Posture Management

Often, security teams have limited visibility into configuration changes across users, integrated applications, and tenants, requiring time-consuming manual investigation efforts to identify and address risks. The Security Posture Management add-on improves the risk posture of cloud email environments by surfacing and centralizing visibility into changes to user privileges, application permissions, and mail tenant conditional access policies.

Security Posture Management uses the behavioral profiles built by three of the Abnormal Knowledge Bases - PeopleBase, AppBase, and TenantBase - to monitor for high-impact configuration changes. Once these changes are identified, teams can drill into contextual insights with a before-and-after view of each change, links to entities involved, relevant documentation, and suggested next steps.

Abnormal users can also schedule email notifications as changes occur, export to the SIEM, and denote when a change is or has been addressed via an acknowledgement workflow.

Get the Latest Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.