Abnormal AI

The future of AI-native cybersecurity is being built right here at Abnormal. Our global team gathered for SKO 2026 this week to set the tone for the year ahead. We celebrated the milestones that brought us here while aligning on strategy, sharpening execution, and diving deep into innovation across our platform. SKO is where we recommit to why we’re here: to protect humans from cybercrime with behavioral AI. Every conversation, every breakout, and every plan for the year ahead centers on advancing that mission and delivering greater impact for our customers. The momentum is real, and this team is built for what’s next. Here’s to a big year ahead!

🚨 New Phishing Framework: Starkiller Makes MFA Bypass Dangerously Simple Most phishing kits rely on static HTML clones of login pages. Starkiller doesn't. Using headless browsers and reverse proxies, it relays live authentication sessions—capturing credentials, MFA codes, and session tokens in real time while the target interacts with a legitimate site. In our blog post, we break down: 🔹 How a polished control panel makes enterprise-grade phishing accessible to low-skill attackers 🔹 Why MFA offers little protection when the full authentication flow is proxied in real time 🔹 How built-in URL masking tools make malicious links appear legitimate to recipients 🔹 What real-time session monitoring means for targets—and why they never know 🔹 How Starkiller is distributed like a SaaS product, with ongoing support and regular updates 💡 Why this matters: Because each phishing session is generated dynamically, there are no static artifacts for security tools to fingerprint or blocklist. Traditional defenses—static page analysis, domain blocklisting, reputation-based URL filtering—weren't built for this. Stopping these attacks requires behavioral detection at the inbox level, before the link ever reaches a user. ➡️ Read the full analysis: https://lnkd.in/eRnt7amn

Legacy security can’t keep up with human-centric attacks. Behavioral AI can. We’re proud to be named to the 2026 CRN Security 100 list. This recognition validates our mission: moving beyond static rules to protect the human behavior at the heart of every enterprise. Thank you to our partners and customers who trust us to secure their future. https://lnkd.in/eHZbFHrX #CRNSecurity100

Attackers are refining their tactics. 📈 In our 2026 Threat Forecast, the data is clear: the most dangerous threats now exploit what traditional security misses—human trust and routine workflows. As attackers leverage AI to create hyper-personalized social engineering, legacy SEGs relying on static rules are falling behind. We’re moving enterprises from reactive triage to an autonomous SOC that understands human behavior to stop these breaches before they happen. ICYMI: Get the in-depth breakdown of the tactics and techniques set to define the threat landscape this year: https://lnkd.in/ey-6HBsZ

Experience Abnormal AI After Dark During RSAC 🏙️ ️️ We’re bringing our customers a lineup that can't be missed. Prepare for an epic night with exclusive performances by Kaskade and Busta Rhymes. This is an exclusive customer appreciation party, with the mission of bringing the cybersecurity community together for a memorable experience. Request an invitation to join us at The Warfield in San Francisco during RSAC week! https://lnkd.in/eKziAXyH

Evan Reiser shares how the nature of cyber attacks are evolving in the age of AI and the opportunity for Abnormal to use good AI to fight bad AI.

Global teams deserve security training that actually speaks their language. Too often, translated awareness content feels generic—checking a box without changing behavior. And as phishing attacks evolve, manual translation simply can’t keep pace. AI Phishing Coach delivers adaptive simulations, just-in-time coaching, and AI-generated video training automatically in each employee’s preferred language—driving real engagement and measurable resilience worldwide. Read how AI is helping global organizations build a stronger, unified security culture at scale. 👇 https://lnkd.in/e63gQ_xn

We’re thrilled to see Abnormal recognized in CSO Online's list of Top 10 Vendors for AI-Enabled Security! Based on feedback from more than 640 senior security leaders, the list reflects how CISOs are thinking about the future of security: not just who has the flashiest AI, but who delivers real innovation, strong reputation, business value, reasonable cost, seamless integration, and peer trust. This recognition reflects the trust security leaders place in Abnormal to solve real problems with AI that’s proven, practical, and built for today’s threats. Check out the full article: https://lnkd.in/gBnWmK3y

Introducing the Abnormal–Netskope integration! The Abnormal AI Plugin for Netskope Cloud Threat Exchange brings together Abnormal’s high-fidelity email threat detections with Netskope’s cloud and web enforcement ecosystem. Built on the Netskope Cloud Exchange, the integration enables threat intelligence identified by Abnormal to be shared and operationalized across Netskope and connected security controls. Together, Abnormal and Netskope deliver faster enforcement, shorter MTTR, and a reduced attack surface across cloud and web. Read more about the integration in our blog: https://lnkd.in/gSnnvEWh

Attackers are exploiting Microsoft system notifications to deliver phishing emails that appear fully legitimate and bypass traditional security controls. Our latest attack analysis details how threat actors abuse tenant branding features in Microsoft Entra ID to inject malicious content into trusted, system-generated emails — turning Microsoft’s own infrastructure into a delivery mechanism. Read the full breakdown: https://lnkd.in/ehnSZahq