Abnormal Security
What is Abnormal Security?
Abnormal provides cloud-native, AI-powered protection against email attacks including phishing, malware, ransomware, social engineering, executive impersonation, supply chain compromise, internal account compromise, spam, and graymail.
Why Should You Use the Abnormal Security Connector?
The Abnormal Security connector provides visibility into the threats and assets in your environment. You can use this visibility to:
manage threats
ensure assets are managed per your security policies
derive relationships between assets, users, applications, and data
How Does This Connector Work?
Lucidum executes read-only requests to the Abnormal Security REST API and ingests only meta-data about Abnormal Security devices. Lucidum does not retrieve any data stored on your assets.
Configuring the Connector in Lucidum
Field | Description | Example |
|---|---|---|
Profile Name | Name of the profile | Lucidum |
URL | The URL for the Abnormal Security API. | |
API Token | API key for a Abnormal Security account with read access. For details on generating an API token in Abnormal Security, see https://abnormalsecurity.my.site.com/knowledgebase/s/article/Abnormal-REST-API-Integration#Integration-Steps | ************ |
Source Documentation
Creating Credentials
For details on creating credentials in Abnormal Security for use by the Lucidum connector, see https://abnormalsecurity.my.site.com/knowledgebase/s/article/Abnormal-REST-API-Integration#Integration-Steps
Required Permissions
The API token includes read and write permissions.
API Documentation
https://app.swaggerhub.com/apis/abnormal-security/abx/1.4.1#/Threats/get_threats__threatId_