Download PDF version Contact company
Related Links

Abnormal Security, a pioneer in protecting large enterprises from Business Email Compromise (BEC) attacks, introduces VendorBase, a global, federated database that tracks the reputations of an organisation’s vendors and customers, and improves the detection accuracy of advanced social engineering attacks.

With VendorBase, the Abnormal Cloud Email Security platform aggregates communication in one place to provide customers with deeper insight and visibility into a vendor’s reputation and transactions. This unprecedented access gives organisations the ability to see detailed views of all vendors, including profile information, the VendorBase risk assessment score, explanations on risk scores, a timeline view of relevant email communication, and security activity for that vendor.

Vendor-based attacks

Abnormal also releases research detailing a $700,000 invoice fraud BEC attack on a large telecommunications company. Detected and prevented by VendorBase, this particular attack is notable for its patient engagement of multiple parties over the course of two months and leveraged both simple and sophisticated techniques to execute and progress this attack. Abnormal plans to release similar research on vendor-based attacks in the coming months.

Abnormal plans to release similar research on vendor-based attacks in the coming months

Our goal from the beginning is to provide the industry’s best detection accuracy of sophisticated BEC attacks,” said Evan Reiser, CEO and Co-Founder, Abnormal Security. “Before VendorBase, organisations lacked clear visibility of the BEC risk from their supply chains. This new capability greatly mitigates this risk and makes it much easier for organisations to directly remediate and investigate BEC attacks from compromised vendors.”

Evaluating email communication

Through VendorBase, the Abnormal Security platform automatically computes a risk score for each vendor by evaluating email communication across three areas: if the vendor’s domains have been impersonated or spoofed; if the vendor has been compromised; if the vendor is not legitimate or is a suspicious vendor. VendorBase also gathers reports from all customers and uses the results as part of the risk score computation, which is fed back into the VendorBase so it can be used by all Abnormal Security customers.

Before VendorBase, ensuring that organisations had the necessary visibility of the risk coming in from the supply chain, and even from customers, required a good deal of manual effort on their side,” said Rami Habal, CPO, Abnormal, “VendorBase automates this process, removing manual burden and providing insight into which vendors are known risk vectors. This makes it simple for our customers to mitigate risk, and detect supply chain fraud over email, that otherwise would have been unknown and gone unnoticed until it was too late.”

Download PDF version Download PDF version

Related videos

Enhanced security with S617 video door station

Enhanced security with S617 video door station
Remote Guarding Video Series Part 1: Overview and Basics.

Remote Guarding Video Series Part 1: Overview and Basics.
Remote Guarding Video Series Part 2: System Design

Remote Guarding Video Series Part 2: System Design

In case you missed it

Anviz Global expands palm vein tech for security
Anviz Global expands palm vein tech for security

The pattern of veins in the hand contains unique information that can be used for identity. Blood flowing through veins in the human body can absorb light waves of specific wavelen...

Bosch sells security unit to Triton for growth
Bosch sells security unit to Triton for growth

Bosch is selling its Building Technologies division’s product business for security and communications technology to the European investment firm Triton. The transaction enc...

In age of misinformation, SWEAR embeds proof of authenticity into video data
In age of misinformation, SWEAR embeds proof of authenticity into video data

The information age is changing. Today, we are at the center of addressing one of the most critical issues in the digital age: the misinformation age. While most awareness of thi...

Featured white papers
Palm vein recognition

Palm vein recognition

Download
The key to unlocking K12 school safety grants

The key to unlocking K12 school safety grants

Download
Physical access control

Physical access control

Download
5 surprising findings from OT vulnerability assessments

5 surprising findings from OT vulnerability assessments

Download
Honeywell GARD USB threat report 2024

Honeywell GARD USB threat report 2024

Download
Quick poll
What is the most significant challenge facing smart building security today?
More corporate news
VIVOTEK launches crowd control solution to comply with social distancing regulations during COVID-19 pandemic

VIVOTEK launches crowd control solution to comply with social distancing regulations during COVID-19 pandemic
3xLOGIC and Sonitrol extend deadline for free infinias, VIGIL, CLOUD Access and mySonitrol.net training courses

3xLOGIC and Sonitrol extend deadline for free infinias, VIGIL, CLOUD Access and mySonitrol.net training courses
Teleste Corporation delivers onboard solution to Alstom’s new Coradia trains for CFL in Luxembourg

Teleste Corporation delivers onboard solution to Alstom’s new Coradia trains for CFL in Luxembourg
Featured products
Dahua 4MP WizColor Bullet Camera with Fixed-Focal and WizSense AI

Dahua 4MP WizColor Bullet Camera with Fixed-Focal and WizSense AI
Hikvision WonderHub: Interactive Displays for Collaboration

Hikvision WonderHub: Interactive Displays for Collaboration
Verkada GC31 Cellular Gateway for Seamless Device Connectivity

Verkada GC31 Cellular Gateway for Seamless Device Connectivity