Our Partners

The open design of cloud email platforms provides new opportunities for collaboration and extensibility, but it has also opened up new channels for attackers to exploit.

Attackers today are learning how the different identities within an organization interact, then launching targeted attacks that continue to evolve in complexity and efficacy. These sophisticated attacks evade detection by traditional solutions, using privileged user accounts and third-party application integrations as entry points. More attackers are even setting their sights on adjacent, email-like channels including collaboration apps to infiltrate the organization.


Average cost per business
email compromise incident.


Average SecOps hours saved
annually with Abnormal
Abuse Mailbox Automation.

60 Seconds

To integrate with Microsoft 365
or Google Workspace and begin
protecting employees.


Average organization’s
savings in mitigated risk
annually with Abnormal.

Cloud-Native, API-Based Architecture

  • Installs in seconds with no tuning, setup, or operational overhead.
  • Ingests unique data sets across email messages, Active Directory, collaboration apps, and more.

AI-Based Behavioral Anomaly Detection

  • Builds per-user and per-organization behavioral models.
  • Applies behavioral anomaly detection to stop known and emerging attacks.

Unified Architecture for Multi-Channel Protection

  • Protects internal email, email accounts, and email infrastructure.
  • Extends to email-like channels including Slack, Microsoft Teams, and Zoom.

Watch this video to see how our two partner technologies Abnormal and Crowdstrike work together to enhance their protection factor.

The initial technology integration between Abnormal and CrowdStrike delivers bi-directional threat detection and response. When the CrowdStrike Falcon platform detects risk, an account takeover case is automatically created within the Abnormal platform. Security analysts, or autonomous policies, take rapid action: forcing step-up authentication, logging out users, terminating sessions and even mandating a password reset. When Abnormal detects an email account compromise, a real-time alert automatically adds the targeted user to the Falcon Watched Users list for re-authentication and investigation.