Abnormal Security, the leading behavioral AI-based email security platform, today announced the launch of three new products focused on expanding security detection for Slack, Microsoft Teams and Zoom. The company is also extending the platform to better model identity behavior through the ingestion of signals from additional sources, including CrowdStrike, Okta, Slack, Teams and Zoom.
Email remains the most common path into an organization, but cybercriminals are steadily shifting their tactics and targeting additional entry points across the enterprise. The recent attacks on EA Sports and exfiltration of Grand Theft Auto source code highlight how attacks are becoming increasingly multi-channel, as cybercriminals infiltrate one platform and move laterally throughout the environment to gain access to email and other sensitive data. Security leaders are concerned about these new attacks, but lack a single platform that can correlate signals across channels in one unified view.
To solve the problem, Abnormal is expanding its platform API integration capabilities to ingest unique data from more sources. Additional signals from these applications enrich Abnormal’s understanding of user behavior by enabling the platform to analyze sign-in events, geolocation data, session details, communications patterns and more across a number of cloud-based applications. When the platform identifies anomalous activity, it provides a consolidated view through an “Abnormal Behavioral Case Timeline,” which allows security teams to see cross-channel attacker activity and take remediation actions.
In the latest Market Guide for Email Security, Gartner® states, “Although email is still the most common attack vector, many attackers use emails to begin the communication and then move it to Slack, Teams or any other collaboration platforms.” Accordingly, we believe there is a need to secure these platforms, filtering malicious content and highlighting suspicious interactions.
The new products will extend the power of the Abnormal platform to detect suspicious messages, remediate compromised accounts and provide insight into security posture across the three applications. Capabilities include:
- Email-Like Messaging Security: Allows administrators to take action against malicious activity, monitoring Slack, Microsoft Teams and Zoom for messages that contain suspicious URLs and then flagging potential threats for further review. Malicious messages are surfaced regardless of whether the message is sent from an internal employee or an external contractor.
- Email-Like Account Takeover Protection: Analyzes authentication activity in Slack, Teams and Zoom, alerting security teams to suspicious sign-in events—whether a user is signing in from a blocked browser, in a risky location or on a known-bad IP address. Each event is automatically flagged for immediate investigation, with single sign-on (SSO) activity from Okta and Azure Active Directory included for additional evidence.
- Email-Like Security Posture Management: Gives security teams a complete view of user privilege changes in Slack, Microsoft Teams and Zoom to ensure only the appropriate users have admin rights. Email-Like Security Posture Management dynamically monitors for new changes, surfacing those that are considered high impact.
The new products are part of the comprehensive Abnormal Security platform and will be available for all customers to explore through the brand new Abnormal Marketplace starting next week.
Additional Resources
- To learn more about the new products, you can read this blog post.
- To discover the Abnormal architecture and new data ingestion capabilities, visit this webpage.
- To request a personalized demo and get started protecting your cloud communications today, visit this webpage or Booth #854 at RSA Conference.
Like this:
Like Loading...
Related
This entry was posted on April 25, 2023 at 9:00 am and is filed under Commentary with tags Abnormal Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Abnormal Security Expands Behavioral AI Platform to Protect Against Multi-Channel Attacks
Abnormal Security, the leading behavioral AI-based email security platform, today announced the launch of three new products focused on expanding security detection for Slack, Microsoft Teams and Zoom. The company is also extending the platform to better model identity behavior through the ingestion of signals from additional sources, including CrowdStrike, Okta, Slack, Teams and Zoom.
Email remains the most common path into an organization, but cybercriminals are steadily shifting their tactics and targeting additional entry points across the enterprise. The recent attacks on EA Sports and exfiltration of Grand Theft Auto source code highlight how attacks are becoming increasingly multi-channel, as cybercriminals infiltrate one platform and move laterally throughout the environment to gain access to email and other sensitive data. Security leaders are concerned about these new attacks, but lack a single platform that can correlate signals across channels in one unified view.
To solve the problem, Abnormal is expanding its platform API integration capabilities to ingest unique data from more sources. Additional signals from these applications enrich Abnormal’s understanding of user behavior by enabling the platform to analyze sign-in events, geolocation data, session details, communications patterns and more across a number of cloud-based applications. When the platform identifies anomalous activity, it provides a consolidated view through an “Abnormal Behavioral Case Timeline,” which allows security teams to see cross-channel attacker activity and take remediation actions.
In the latest Market Guide for Email Security, Gartner® states, “Although email is still the most common attack vector, many attackers use emails to begin the communication and then move it to Slack, Teams or any other collaboration platforms.” Accordingly, we believe there is a need to secure these platforms, filtering malicious content and highlighting suspicious interactions.
The new products will extend the power of the Abnormal platform to detect suspicious messages, remediate compromised accounts and provide insight into security posture across the three applications. Capabilities include:
The new products are part of the comprehensive Abnormal Security platform and will be available for all customers to explore through the brand new Abnormal Marketplace starting next week.
Additional Resources
Share this:
Like this:
Related
This entry was posted on April 25, 2023 at 9:00 am and is filed under Commentary with tags Abnormal Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.