Abnormal AI launches updated Microsoft 365 security solution

Abnormal AI has launched an updated Security Posture Management product aimed at providing AI-driven protection, automated prioritisation, and remediation guidance for Microsoft 365 environments.

The company's revised offering addresses the challenges created by increasingly complex Microsoft 365 ecosystems, where accidental misconfigurations are contributing to cloud email vulnerabilities. The proliferation of third-party applications, an expanding layer of settings, and dispersed administrative responsibilities within organisations have resulted in potential blind spots and inadvertent security gaps. Previously, such vulnerabilities have reportedly been exploited by threat groups including Midnight Blizzard.

Abnormal AI states that its extensive integration with Microsoft 365, coupled with its experience in counteracting advanced email threats, enables it to uncover configuration risks that might otherwise go undetected. The new add-on component for Security Posture Management is designed to continuously identify misconfigurations spanning users, applications, and tenants, providing security teams with actionable visibility and enhanced control.

The company highlights three principal features of the updated product: comprehensive visibility, automated prioritisation, and remediation guidance. According to Abnormal AI, the solution continuously uncovers risky Microsoft 365 misconfigurations using CIS benchmarks and Abnormal's own threat intelligence. Automated prioritisation is intended to ensure that the most critical risks, based on their impact, prevalence, and relevance to the organisation's environment, are addressed first. Remediation guidance offers clear instructions for resolving identified issues, aiming to eliminate the need for manual audits or custom scripting.

"Thousands of organisations rely on Abnormal to stop email-based attacks like phishing and account compromise. But attackers are also exploiting misconfigurations to bypass phishing defences," said Evan Reiser, CEO of Abnormal AI. "Because we already integrate deeply with Microsoft 365 to protect inbound email, we can extend our API-based architecture to detect these hidden risks. Security Posture Management gives security teams continuous visibility into misconfiguration risks across their entire Microsoft 365 environment."

The latest enhancement to Security Posture Management arrives as businesses continue to face a fluid threat landscape, particularly around widespread platforms such as Microsoft 365. With increasing adoption of cloud-based collaboration tools, proper configuration has become a central focus for security teams seeking to mitigate the risk of account compromise and unauthorised access.

Abnormal AI describes its platform architecture as supporting quick deployment through API integration with both Microsoft 365 and Google Workspace, as well as other cloud applications including Slack, Workday, ServiceNow, and Zoom. The firm reports that its services are presently used by more than 3,200 organisations worldwide, including a substantial segment of the Fortune 500.

The company has stated that its anomaly detection engine leverages a range of contextual signals to analyse risk on every cloud email event, supporting the detection and blocking of socially-engineered attacks. This is positioned as part of a broader trend within cybersecurity that leverages artificial intelligence and machine learning to counter increasingly sophisticated attack techniques.

Abnormal AI has indicated that additional demonstrations of its Security Posture Management capabilities, including the updated features, are being made available to interested parties and customers. Further details are available from the company upon request.