Abnormal Security Add Threat Protection to Teams, Zoom and Slack

Three new features have been introduced, including message security, account takeover protection, and security posture management

3
Abnormal Security Add Threat Protection to Teams, Zoom and Slack
CollaborationLatest News

Published: April 27, 2023

Kieran Devlin

Cloud-based email security vendor Abnormal Security has launched new threat detection capabilities for Teams, Zoom and Slack.

Abnormal’s three new email-centric products are designed to help users of the Teams, Zoom and Slack platforms detect suspicious messages, remedy compromised accounts, and provide data and management services for security posture. The new solutions are included as add-ons to the Abnormal Inbound Email Security offering and are generally available at launch.

Evan Reiser, Chief Executive Officer at Abnormal Security, commented:

Abnormal’s platform uses an anomaly detection engine that ingests and correlates 45,000 plus behavioral signals from email platforms (Microsoft 365, Google Workplace), EDR platforms (CrowdStrike), authentication platforms (Okta), and email-like applications such as Slack, Microsoft Teams, and Zoom. Signals include sign-in events, geo-location, compromised identities, and communication patterns in messaging.”

The message security feature enables platform administrators to monitor and act against suspicious activities by scanning messages for suspicious domains and URLs. Administrators can then flag potential threats for further review. This solution includes messages sent from internal employees and external stakeholders.

The account takeover protection solution will assess Slack, Teams, and Zoom authentication activity and alert security teams to suspicious sign-in events. Examples include sign-ins from a blocked browser, a risky location, or an IP address with a bad reputation. Each event is automatically flagged for investigation. Single sign-on activity from Okta and Azure Active Directory is included for further evidence.

The security posture management feature provides an intuitive view of platform user privilege changes to certify that only the appropriate users have admin rights.

Vendors Becoming More Security-Conscious

Zoom, Teams, and Slack platforms being integrated with Abnormal’s new suite of threat protection solutions is the latest example of vendors becoming even more security-conscious, especially with the rise of hybrid work and the security and compliance risks associated with accessing sensitive data outside on-premises networks.

Earlier this month, Cisco announced it will introduce air-gapping to Webex in 2024 to address national security concerns.

Also in April, Lumen partnered with Versa Networks to bolster its range of network services and security solutions. Lumen specialises in Secure Access Service Edge (SASE) software, which creates frameworks for integrating networking services and security solutions. Lumen will leverage Versa’s SASE software into its expansive network and cloud platform availability.

Zoom also awarded $3.9 million to ethical hackers to find vulnerabilities in Zoom’s platform, meaning its Bug Bounty program has now surpassed $7 million in awards since its introduction in 2019.

Abnormal’s AI-Powered Security Platform

Abnormal’s solutions help businesses protect themselves against targeted email attacks, including phishing, social engineering and business email compromise scams. Abnormal is also adding data ingestion from new sources to improve its AI model, which parses user identity behaviour.

Abnormal Inbound Email Security is Abnormal’s core solution, deploying a cloud-native API architecture that enables the service to integrate with cloud email platforms, EDR, authentication services, and cloud collaboration applications. Its AI capability means it can assess a large number of signals to identify suspicious activity.

The AI model uses various methods to scan and detect suspicious domains for phishing scams. Including assessing whether a link is using too many redirects when clicked, the identity of the redirecting service providers, whether the eventual landing page uses webform indicators potentially attempting to steal information, the age and Alexa ranking of the domain, and the reputation of the registrar.

“Advanced AI and ML models,” Reiser added, “including natural language processing and natural language understanding, leverage these signals to baseline user behaviour and better understand identity and relationships across the organisation. “By understanding what is normal for each employee, vendor, application, and email tenant, Abnormal can detect and prevent the malicious and unwanted emails or email-like messages that bypass traditional solutions.”

Microsoft TeamsSecurity and Compliance

Brands mentioned in this article.

Featured

Share This Post