Abnormal

Self Service Ingestion

Connect this data source on your own, using the Hunters platform.

TL;DR

Supported data types

3rd party detection

Hunters detection

IOC search

Search

Table name

Log format

Collection method

Abnormal Threats

✅

✅

abnormal_threats

NDJSON

API


Overview

Abnormal Security is an email security company that protects enterprises and organizations from targeted email attacks.

Integrating Abnormal into Hunters allows the collection and ingestion of Abnormal Threats logs into the data lake. Alerts are then created over the logs, auto-investigated, and correlated with other related signals.

Supported data types

Abnormal Threats

Table name: abnormal_threats

This data type covers threats to an organization identified by Abnormal Security. The organization should be integrated with Abnormal Security and enabled for real-time detection of malicious emails.

Send data to Hunters

Hunters supports the collection of Abnormal Threats logs via API.

To connect Abnormal Threats logs:

  1. Follow the "Integration Steps" under this guide by Abnormal to acquire a token.

  2. Complete the process on the Hunters platform, following this guide.

📘 IP Whitelisting

Abnormal lets you add a second layer of protection by restricting API access per token to specific IPs. If required, add the IPs from this IPs list to Abnormal, as specified in the documentation above.