Abnormal Security and Crowdstrike Collaborate for Endpoint Attack Detection and Enhanced Email

Highlights:

• According to the initial technology integration between Abnormal and CrowdStrike, threat detection and reaction are delivered in both directions.
• A real-time alert immediately adds the targeted user to the Falcon Watched Users list for re-authentication and investigation.

Abnormal Security Corp. and CrowdStrike Holdings Inc. have formed a new alliance, and the latter has made a strategic investment in the former through the CrowdStrike Falcon Fund.

To provide email and endpoint attack detection and reaction with automated account remediation, the CrowdStrike Abnormal Security partnership will integrate the CrowdStrike Falcon platform with the Abnormal platform. Additionally, Abnormal has joined the CrowdXDR Alliance, and together with the other member businesses, they intend to market a joint extended detection and response solution.

According to the initial technology integration between Abnormal and CrowdStrike, threat detection and response are delivered in both directions. A case for an account takeover is automatically created within the Abnormal platform when the CrowdStrike Falcon platform identifies risk. When this happens, security analysts or autonomous policies can respond quickly by requiring step-up authentication, logging users out, ending sessions, or even ordering a password reset.

A real-time alert immediately adds the targeted user to the Falcon Watched Users list for re-authentication and investigation in the event that Abnormal discovers an email account compromise.

Evan Reiser, Co-founder and Chief Executive of Abnormal Security, said, “Email and endpoint devices are highly attacked entry points into an organization, and while rapid detection and response is key, it has been limited by the manual effort required to integrate siloed data from multiple solutions.”

The sum invested in Abnormal Security was not made public. The most recent USD 210 million in funding for the venture capital-backed business Abnormal came in May 2022 from Greylock Partners Management LLC and Menlo Ventures Management L.P. It has been reported that the firm has so far raised USD 284 million.

The CrowdStrike Falcon Fund’s stake in Abnormal is about its fifteenth overall. JumpCloud Inc., Salt Security Inc., and DoControl Inc. are some of the additional businesses the fund has invested in.

As a member of the CrowdXDR alliance, Abnormal also adds its name to an expanding group of businesses. To allow unified threat detection and response, the alliance puts together market-leading security and information technology solutions.

Menlo Security Inc., Vectra AI Inc., Ping Identity Corp., Okta Inc., ServiceNow Inc., Google Cloud, Proofpoint Inc., Zscaler Inc., and Mimecast Inc. are major alliance participants.