What is Abnormal Security? #
Abnormal provides cloud-native, AI-powered protection against email attacks including phishing, malware, ransomware, social engineering, executive impersonation, supply chain compromise, internal account compromise, spam, and graymail.
Why Should You Use the Abnormal Security Connector? #
The Abnormal Security connector provides visibility into the threats and assets in your environment. You can use this visibility to:
-
manage threats
-
ensure assets are managed per your security policies
-
derive relationships between assets, users, applications, and data
How Does This Connector Work? #
Lucidum executes read-only requests to the Abnormal Security REST API and ingests only meta-data about Abnormal Security devices. Lucidum does not retrieve any data stored on your assets.
Configuring the Connector in Lucidum #
|
Field |
Description |
Example |
|---|---|---|
|
Profile Name |
Name of the profile |
Lucidum |
|
URL |
The URL for the Abnormal Security API. |
https://api.abnormalplatform.com |
|
API Token |
API key for a Abnormal Security account with read access. For details on generating an API token in Abnormal Security, seeĀ https://abnormalsecurity.my.site.com/knowledgebase/s/article/Abnormal-REST-API-Integration#Integration-Steps |
************ |
Source Documentation #
Creating Credentials #
For details on creating credentials in Abnormal Security for use by the Lucidum connector, seeĀ https://abnormalsecurity.my.site.com/knowledgebase/s/article/Abnormal-REST-API-Integration#Integration-Steps
Required Permissions #
The API token includes read and write permissions.
API Documentation #
https://app.swaggerhub.com/apis/abnormal-security/abx/1.4.1#/Threats/get_threats__threatId_
