Why CrowdStrike?: Considering Microsoft?; Compare CrowdStrike; Industry recognition; Customer stories

Solutions by topic: Zero Trust; Cloud threat detection and response; Ransomware protection; Log4Shell mitigation; Observability & log management

Solutions by industry: Small business; Election security; Public sector; Healthcare; Financial services; Retail

Connect with us: Careers; Events; Fal.Con 2024; Falcon Encounter Hands-on Labs

Partner programs: Channel partners and distributors; Service providers; Strategic technology partners; CrowdStrike Marketplace; View all

About us: Our story; Executive team; Board of directors; Latest news; Investor relations; Environmental, social & governance; CrowdStrike & F1 Racing

English (US)

Platform
Falcon platform bundles
Falcon Go: get started with CrowdStrike
Affordable next-gen antivirus and USB device
control to protect your business.
Falcon Pro: optimize your defense
Next-gen antivirus and threat intelligence for greater
insight into your environment. Automated threat
investigations accelerate alert, triage and response.
Falcon Enterprise: never miss a threat
Unify all security tools to provide a single source of truth:
next-gen antivirus, EDR, XDR, managed threat hunting
and integrated threat intelligence.
Falcon Elite: advanced breach prevention
Integrated endpoint and identity protection, the expanded
visibility of Falcon Insight XDR, unequaled threat-hunting and
the added protection of identity security to stop every breach.
Falcon Complete: superior prevention, detection & response
The full suite of managed endpoint threat and identity protection
with expert monitoring and remediation.
Platform categories
Cloud security
Stop cloud breaches with unified cloud security posture management and breach prevention.
Data protection
Stop data theft with policy enforcement that automatically follows content, not files.
Endpoint security & XDR
Supercharge protection, detection and response – for endpoint and beyond.
Exposure management
Reduce risk with complete attack surface visibility and AI-powered vulnerability management.
Identity protection
Stop breaches faster by protecting workforce identities everywhere.
Next-gen SIEM
Rapidly shut down threats with real-time detections, blazing-fast search, and cost-effective data retention.
Threat intelligence & hunting
Disrupt adversaries and their attacks. Know them. Find them. Stop them.
IT Automation
Ask, answer, and act on any question across the IT estate, as an extension of the CrowdStrike platform.
Application Security Posture Management
See and secure every application and API with Bionic, a CrowdStrike company.
Platform capabilities
About the CrowdStrike platform
Charlotte AI
Falcon Foundry
Falcon Fusion
AI & machine learning
Threat Graph
FAQs
CrowdStrike Marketplace
Services
Prepare
Prepare and train your organization to defend against sophisticated threat actors using real-life simulation exercises.
Tabletop Exercise
Red Team / Blue Team Exercise
Adversary Emulation Exercise
Penetration Testing
Respond
Available under a Services Retainer, giving
you access to security consultants and
expertise to respond to a breach.
Incident Response
Compromise Assessment
Endpoint Recovery
Network Detection
Experienced a breach?
Fortify
Enhance your cybersecurity practices and
controls with actionable recommendations to
fortify your cybersecurity posture.
Maturity Assessment
Technical Risk Assessment
SOC Assessment
Cloud Security Assessment
Identity Security Assessment
Managed Services
Managed Detection & Response
Included in Falcon Complete and backed by CrowdStrike's Breach Prevention Warranty.
Managed Threat Hunting
Falcon OverWatch, as an extension of your team, hunting relentlessly to stop hidden threats.
Additional Services
Cloud Security Services
Identity Protection Services
Falcon LogScale Services
Partner Services
Why CrowdStrike?
Why CrowdStrike?
Considering Microsoft?

Compare CrowdStrike
See how we stack up against our competitors
Industry recognition
CrowdStrike is the recognized leader in
endpoint protection solutions.
Customer stories
Don't take our word for it, hear what
our customers have to say.
Solutions by topic
Zero Trust
Real-time breach protection on any endpoint, cloud workload or identity, wherever they are.
Cloud threat detection and response
Stop cloud breaches for multi-cloud and hybrid environments in a single platform.
Ransomware protection
Learn what you can do to stop ransomware threats in their tracks.
Log4Shell mitigation
Get the latest information on this evolving vulnerability.
Observability & log management
Fills in the gaps, logs everything, and realizes real-time observability for your entire system.
Solutions by industry
Small business
Election security
Public sector
Healthcare
Financial services
Retail
Learn
Featured resources
Considering Microsoft?
Cyber risk that starts with Microsoft
ends with CrowdStrike
Cybersecurity 101 glossary
Explanations, examples and best practices
on a variety of cybersecurity topics.
Get your threat landscape
Discover the adversaries targeting
your industry.
2024 Global Threat Report
The must-read cybersecurity report of the year.
2023 Threat Hunting Report
CrowdStrike's threat hunting insights
from July 1, 2022 to June 30, 2023.
CrowdStrike blog
Discover how CrowdStrike protects you against the most advanced attacks.
From the front lines
Executive viewpoint
Counter Adversary Operations
Customer focused
Free trial guide
Customer support portal
CrowdStrike University
CrowdStrike Tech Center
Developer portal
Knowledge resources
Case studies
White papers
Webinars
Adversary Universe Podcast
Reports
Logging guides
Try interactive demo
All resources
Company
Connect with us
Careers
Events
Fal.Con 2024
Falcon Encounter Hands-on Labs
Partner programs
Channel partners and distributors
Service providers
Strategic technology partners
CrowdStrike Marketplace
View all
Become a partner
About us
Our story
Executive team
Board of directors
Latest news
Investor relations
Environmental, social & governance
CrowdStrike & F1 Racing

Home

/

listings

/

Abnormal Cloud Email Security

Abnormal Cloud Email Security

Abnormal Security

Discover and remediate compromised email accounts and endpoints

With CrowdStrike and Abnormal Security working together, security analysts can holistically determine whether an identity is behaving normally through continuous behavior analysis from email content, activity, and endpoint monitoring, breaking down siloed views. If a compromise is detected, even if the initial compromise did not occur through email, analysts can act quickly to remediate the connected email account, stopping attacks in progress and mitigating the risk of spread through lateral phishing.

01
Detect email account takeovers
When Abnormal detects an active account takeover within a Microsoft 365 account, CrowdStrike will automatically add that user to a Watched Users list within the CrowdStrike Falcon® Identity Threat Protection module
02
Investigate CrowdStrike identity detections
The Abnormal platform can ingest identity detections from CrowdStrike that indicate, for example, if a host’s endpoint device has been compromised. Based on this signal, the Abnormal platform automatically opens an account takeover case and shows details of the signal received from CrowdStrike
03
Orchestrate responses
Analysts can take automated response actions, such as logging the user out, terminating the user session, forcing re-authentication, and more either manually or by leveraging pre-built playbooks

More from Abnormal Security

Abnormal Security Data Connector

Abnormal Security Data Connector

Enhance threat detection with Abnormal Security attack detections in Falcon Insight XDR