Behavioral AI platform defends against multi-channel attacks
While email remains the most common path to target an organization, we're increasingly using other tools like Slack, Teams and Zoom too, so cybercriminals are steadily shifting their tactics and targeting these additional entry points across the enterprise.
AI-based email security platform Abnormal Security is launching a range of new additions to its product focused on expanding security detection for these collaboration tools.
Abnormal is expanding its platform API integration capabilities to absorb unique data from more sources. Additional signals from these applications help boost understanding of user behavior by enabling the platform to analyze sign-in events, geolocation data, session details, communications patterns and more across a number of cloud-based applications. When the platform identifies anomalous activity, it provides a consolidated view through an 'Abnormal Behavioral Case Timeline', which allows security teams to see cross-channel attacker activity and take appropriate actions.
"Attackers are increasingly relying on multi-channel attacks to access valuable information and steal data for financial gain," says Evan Reiser, chief executive officer at Abnormal Security. "The best way to protect against these sophisticated attacks is to ingest many signals from diverse sources to learn the behavior of each identity across the multi-channel cloud surface area, and then apply advanced AI models to precisely detect anomalies. While email remains our primary focus, we know that threats can come from multiple places across the enterprise and we’re excited to take our behavioral AI capabilities to the next level to protect email-like communications in Slack, Teams and Zoom."
Abnormal allows administrators to take action against malicious activity, monitoring Slack, Microsoft Teams and Zoom for messages that contain suspicious URLs and then flags potential threats for further review. It also analyzes authentication activity alerting security teams to suspicious sign-in events.
Security teams get a complete view of user privilege changes in Slack, Microsoft Teams and Zoom to ensure only the appropriate users have admin rights.
You can find out more on the Abnormal Security site.
Image credit: Funtap/depositphotos.com