Abnormal now supports near-real-time event streaming via webhooks, giving customers a faster and more flexible way to consume Abnormal data in their own systems and security tools. Built on our existing SIEM framework, this integration delivers the same reliability and security customers expect with the added benefit of direct data flow to any HTTPS endpoint.
With this release:
Real-Time Event Delivery
Send Threats, Vendor Cases, AI Security Mailbox, Audit Logs, Account Takeover, and Security Posture Management events via webhook
JSON payloads match existing SIEM data formats
Flexible Configuration & Security
Configure your HTTPS endpoint and choose from multiple authentication methods, including API Key, Basic Authentication, Bearer Token, and Custom Header
Supports IP allowlisting and delivery with guaranteed retries
Simple Setup
Add Webhook as a new SIEM integration type in the Portal
Validate endpoint and test delivery before saving
This update makes it simple to stream Abnormal event data directly into any system, providing faster visibility and easier automation for security and operations teams.