Abnormal Security is an AI-native email security platform that uses behavioral AI to protect enterprises against business email compromise, phishing, account takeover, and other socially-engineered attacks. Founded in 2018 by Evan Reiser and Sanjay Jeyakumar, the company takes a fundamentally different approach to email security. Instead of relying on traditional signature-based or gateway-level filtering, Abnormal builds behavioral profiles of every employee, vendor, and partner to detect anomalies.
How It Works
The core inbound email security product integrates directly with Microsoft 365 and Google Workspace via API, sitting behind the native email security layer or any existing SEG to catch attacks that slip through. The platform analyzes sender identity, email content, communication patterns, and business context to detect sophisticated BEC, vendor fraud, credential phishing, and malware delivery.
For account takeover protection, the platform monitors email account activity for signs of compromise, including suspicious login behavior, mail rule changes, inbox manipulation, and lateral phishing. When an account takeover is detected, Abnormal can automatically remediate by disabling the account and removing malicious messages sent from it.
Email platform security extends protection to the broader email environment by auditing mail tenant configurations, identifying risky third-party app integrations, and monitoring for privilege escalation.
Abnormal added AI-generated phishing simulation and security awareness training to its platform, using real attack data from its detection engine to create contextually relevant simulations tailored to each organization. The AI Security Mailbox is an AI-powered triage system for employee-reported phishing emails that automatically classifies and responds to submissions to reduce the burden on SOC teams. The system learns from analyst decisions to improve accuracy over time.
Behavioral AI Approach
Unlike legacy secure email gateways that rely on known indicators of compromise, Abnormal builds a behavioral baseline of every identity in an organization. The platform ingests signals from email metadata, communication graphs, organizational charts, procurement systems, and authentication logs to understand normal behavior. Deviations from this baseline trigger detections, enabling the platform to catch zero-day social engineering attacks that carry no malicious payload or known-bad indicators.
Funding History
The Series D in 2024 raised $250 million at a $5.1 billion valuation. Series C in 2022 brought in $210 million at $4.0 billion, led by Insight Partners. Series B in 2021 raised $75 million at $600 million, led by Menlo Ventures. Series A in 2019 raised $14 million, led by Greylock Partners. Total funding exceeds $550 million. Key investors include Greylock Partners, Menlo Ventures, Insight Partners, CrowdStrike Falcon Fund, Sapphire Ventures, and Wellington Management. CrowdStrike’s strategic investment reflects the growing integration between endpoint and email security.
Market Position
Abnormal Security has grown rapidly to serve over 2,000 enterprise customers, including many Fortune 500 organizations. The company competes in the cloud email security market against Proofpoint (Thoma Bravo), Mimecast, Microsoft Defender for Office 365, and newer API-based entrants like Material Security and Tessian (acquired by Proofpoint in 2023).
Abnormal was named a Leader in the 2024 Forrester Wave for Enterprise Email Security and has consistently demonstrated superior detection rates for BEC and socially-engineered attacks in independent evaluations. The company’s API-based architecture, which avoids MX record changes, has become the preferred deployment model for cloud email security.
Leadership
Evan Reiser is Co-Founder and CEO. He was formerly VP of Engineering at TellApart, which Twitter acquired. Sanjay Jeyakumar is Co-Founder and CTO, also from TellApart. Mike DeCesare, formerly CEO of ForeScout Technologies, serves as President and COO. Suvish Viswanathan is VP of Engineering.