Skip to main content

Help us improve the Digital Marketplace - send your feedback

Geode Networks Ltd

Abnormal Email Security

Abnormal Security, the leading behavioral AI-based security platform that protects against the full spectrum of inbound email and email platform attacks. The solution provides a fundamentally different approach to email security by building a picture of what ‘normal’ email behavior looks like based on usage within an organization.

Features

  • Inbound Email Security
  • Abuse Mailbox Automation
  • Email Account Takeover Protection
  • Email Productivity
  • Email Security Posture Management
  • Email Like Messaging Security (Teams, Slack, Zoom)
  • Email Like Account Takeover Protection (Teams, Slack, Zoom)
  • Reduced Invoice Fraud and BEC
  • Email Like messaging security for Teams, Slack, Zoom
  • Vendor Base

Benefits

  • Improves SOC Productivity - Empower teams to do more
  • Improves Staff Email Productivity
  • Deploys in minutes via API; no configuration needed
  • Reduced Invoice Fraud and BEC
  • Precisely blocks all email attacks using behavioral AI
  • Protects from internal and external compromised accounts
  • Secures the Human Vulnerability
  • Protects Against Modern AI Attacks - QR Codes, text based
  • Protects against lateral phishing

Pricing

£17 a licence a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at msollars@geodeservices.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

4 8 3 6 9 5 4 4 6 9 8 3 6 5 1

Contact

Geode Networks Ltd Marc Sollars
Telephone: 01189 838620
Email: msollars@geodeservices.com

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
Abnormal Security provides API Behavioral Analytics Email Security to Office 365 and Google Workspaces environments
Cloud deployment model
Public cloud
Service constraints
Abnormal Email Security is only applicable to businesses utilizing O365 and Google Workspaces email environments.
System requirements
  • O365
  • Google Workspaces

User support

Email or online ticketing support
Email or online ticketing
Support response times
Our support system is 24x7 and we have response times are set to the priority of the ticket.
P1 - initial response within 1hr - 24x7x365

8AM-5PM GMT Monday to Friday
P2 - initial response within 4hrs
P3 - initial response within 8hrs
P4 - initial response within 24hrs
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
No
Web chat support
No
Onsite support
No
Support levels
SEV 1 - Urgent
Sev 1 incidents are an Error that causes a (a) service disruption or (b) degraded condition that renders the Service inoperable. We’ll respond to a Priority 1 incident within one hour, our most urgent response time.

Sev 2 - HIGH
An Error that (a) causes the Service to operate in a degraded condition with a high impact to key portions of the Service or (b) seriously impairs Customer’s use of material function(s) of the Service and Customer cannot reasonably circumvent or avoid the Error without the expenditure of significant time or effort.
We’ll respond within two business hours following receipt of a P2 incident.

Sev 3 - Normal
An Error that has a medium-to-low impact on the Service. The Service is (a) running with limited functionality in one or more areas or (b) experiencing intermittent issues. Customer can access and use the material functionality of the Service.. We’ll respond within eight Business hours following the receipt of a P3 incident.

Sev 4 – Low
How-to questions and Service issues with no Service degradation. We’ll respond to you within 24 business hours following the receipt of a P4 request.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
At the beginning of your Email Security deployment, an Internal Kick-Off Meeting will be run by your allocated Installation Manager. The outcome of this meeting will be to:

• Allocate roles and responsibilities
• Agree task ownership and a target implementation date
• Agree stakeholders

Pre-Service Workshop:
Your Project Manager will schedule an pre-service workshop prior to going live to ensure you have a full understanding of what the solution includes and to confirm our understanding of the measures needed to complete the implementation such as SEG Migration. A sample agenda for this session is:

• Introductions to the team
• Service Enablement process overview
• Explanation of expected timescales
• Installation Process
• SEG Migration
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
There is no data to be extracted, the API into the O365 or Google Environment is removed and the customer Abnormal Security Tenant de-commissioned.
End-of-contract process
At the end of the contract all customer access will be disabled, and the customer will be required to disconnect the API integration.

Once the contract has been ended Abnormal Security will at the appropriate time purge all data from the backend systems.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
No
Designed for use on mobile devices
No
Service interface
No
User support accessibility
None or don’t know
API
Yes
What users can and can't do using the API
The Abnormal REST API enables Abnormal customers and partners to use other tools and utilities to programmatically integrate the Abnormal platform into the rest of their security ecosystem.

The Abnormal platform is an API-first platform, which means that APIs are core to the product and its administrative portal (the Abnormal Portal). The same set of APIs powers internal and external access to the data. This ensures that as functionality is added to the platform, the corresponding API endpoints are also automatically added.

To integrate with the Abnormal REST API, you must first use the Abnormal Portal to get your organization’s unique API access token that should be used when making programmatic calls to any of the Abnormal REST API endpoints.

You must also use the Portal to safelist IP addresses for your organization. IP safelisting ensures that API access is possible from IP addresses belonging to your organization and prevents users from unauthorized networks from accessing your threat data. This second layer of security helps keep your data safe from unauthorized users and protects you in the event of a token compromise.
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
No
Customisation available
No

Scaling

Independence of resources
https://abnormalsecurity.com/trust-center

Analytics

Service usage metrics
Yes
Metrics types
Attacks Stopped
Attack Frequency
Threat Log
Abuse Mailbox
Vendor Fraud
Vendor Base
People Base
App Base
Reporting types
Real-time dashboards

Resellers

Supplier type
Reseller providing extra support
Organisation whose services are being resold
Abnormal Security

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Other
Other data at rest protection approach
The Service retains the data types that it stores for the applicable default retention time indicated in the table above. During infrequent occurrences where an email requires additional analysis by the by the Service or an Abnormal Security researcher, personal
information may be stored temporarily by the Service until the malicious indicators identified by the Service within the message are validated, which is designed to occur within three hours of receiving such message.
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Abnormal Security is able to export data via pdf, csv or Via API to solutions such as Splunk
Data export formats
  • CSV
  • Other
Other data export formats
Pdf
Data import formats
Other

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
Cloud Native API Integration within O365 and Google Workspaces.
The Service encrypts the data it processes while those data are in transit and at rest. While data are in- transit, the Service leverages industry standard secure data transmission protocols with session authentication and encryption; all data in transit are encrypted using TLS 1.2 sessions with a 2048-bit RSA asymmetric key, and HTTPS is required for all traffic. The Service employs industry standard AES 256 encryption protocol and multi- factor encryption technologies on all data stores, including production databases, big data files used for data processing, database backups, read-replicas,
and snapshots.
Data protection within supplier network
Other
Other protection within supplier network
The solution is deployed within the O365 and GoogleWorkspaces API.

Availability and resilience

Guaranteed availability
99%
Approach to resilience
Available on request
Outage reporting
There is a public dashboard available that provides this information.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Access control within management interfaces are assured by an independent validation of assertion Administrator permissions assured by independent validation of assertion
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Coalfire ISO, Inc.
ISO/IEC 27001 accreditation date
Certificate Issuance Date: September 30, 2021
What the ISO/IEC 27001 doesn’t cover
Outsourced Development
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
26/01/2023
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
N/a
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
  • CCPA
  • SOC2
  • TX-RAMP
  • PIPEDA
  • VPAT
  • Geode parent company Teneo Ltd holds ISO27001
  • Geode parent company Teneo Ltd achieved Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Abnormal has an appointed DPO who is responsible for ensuring appropriate data protection controls and requirements are in place and operating effectively.

Abnormal employees receive privacy training and onboarding and annually thereafter. Additional role-based training also occurs in a similar manner with targeted training, including topics such as the GDPR, privacy in marketing, and privacy by design.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Geode’s Configuration and Change Management processes follow ITIL's Service Management best practice framework, including the guidance for building, deploying, and transitioning new or changed IT services into operation. Geode provide lifecycle services including the planning and management of changes, while minimizing risk. The components of the service are monitored for upgrades and updates provided by the relevant vendors. Within the Change Management process, each change requested will follow a pre-defined workflow, reflecting the various stages of assessment, approval and implementation of the change as well as a security policy impact assessment.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
We are committed to providing secure products that support compliance and build trust. Use this Trust Center to learn about our security and trust initiatives.

https://security.abnormalsecurity.com/
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
We are committed to providing secure products that support compliance and build trust. Use this Trust Center to learn about our security and trust initiatives.

https://security.abnormalsecurity.com/
Incident management type
Undisclosed
Incident management approach
We are committed to providing secure products that support compliance and build trust. Use this Trust Center to learn about our security and trust initiatives.

https://security.abnormalsecurity.com/

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

Tackling economic inequality

Tackling economic inequality

Geode and its parent company Teneo take CSR very seriously and have a purpose to improve the lives of 1 million children worldwide. We have built several schools in Africa as part of this journey. More can be found on our website www.teneo.net

Pricing

Price
£17 a licence a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
30 day read only deployment

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at msollars@geodeservices.com. Tell them what format you need. It will help if you say what assistive technology you use.