// Trust & Security Report
Abnormal AI, Inc.
Behavioral AI security platform for cloud email, identity, AI governance, insider threat, and messaging security. Core products: Email Security, AI Security (shadow AI governance), Identity Security, Insider Threat, Messaging Security (Microsoft Teams).
Certifications held
16
Maturity
Enterprise
Trains on your data
Unknown
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on abnormal.ai“We maintain a SOC 2 certification as a result of this regular audit activity and can share the most recent SOC 2 report with our customers on request and under a non-disclosure agreement. An independent third-party audit is conducted annually.”
Verify on abnormal.ai“A-LIGN Security and Compliance, Inc. certifies that Abnormal AI, Inc. operates an Information Security Management System (ISMS) that conforms to the requirements of ISO/IEC 27001:2022.”
Verify on abnormal.ai“A-LIGN Security and Compliance, Inc. certifies that Abnormal AI, Inc. operates a Privacy Information Management System (PIMS) that conforms to the requirements of ISO/IEC 27701:2019.”
Verify on abnormal.ai“A-LIGN Security and Compliance, Inc. certifies that Abnormal AI, Inc. operates an Artificial Intelligence Management System (AIMS) that conforms to the requirements of ISO/IEC 42001:2023. Announced September 10, 2025; surveillance audits for ISO 27001 and ISO 27701 concurrently confirmed.”
Verify on abnormal.ai“With FedRAMP Moderate Authorization, Abnormal is now able to provide U.S. federal agencies with the same advanced protection that more than 3,200 customers globally already trust. Abnormal achieved FedRAMP Moderate Authorization in 256 days, sponsored by the Tennessee Valley Authority. Achieved April 22, 2025.”
Verify on security.abnormal.ai“GovRAMP badge displayed as a held authorization on the Abnormal AI trust center and security hub (security.abnormal.ai), shown alongside FedRAMP and TX-RAMP.”
Verify on security.abnormal.ai“Listed as a held certification on the Abnormal AI security hub (security.abnormal.ai) and trust center. Level not specified in public page content.”
Verify on security.abnormal.ai“Listed as 'CMMC Certified' on the Abnormal AI security hub.”
Verify on abnormal.ai“CJIS Security Policy attested, ensuring we meet FBI standards for protecting criminal justice data.”
Verify on security.abnormal.ai“Listed as a held certification on the Abnormal AI security hub (security.abnormal.ai).”
Verify on security.abnormal.ai“Listed as a held certification on the Abnormal AI trust center and security hub.”
Verify on abnormal.ai“We work with our customers to execute a Data Protection Addendum (DPA) to our Master Service Agreement. Implements Standard Contractual Clauses for transfers from the EEA or Switzerland. Participates in EU-U.S. Data Privacy Framework and Swiss-U.S. Data Privacy Framework.”
Verify on security.abnormal.ai“CCPA listed on the Abnormal AI security hub as a held compliance posture. California Consumer Privacy Act of 2018 referenced in the security and privacy blog post.”
Verify on security.abnormal.ai“Listed as a held compliance framework on the Abnormal AI security hub.”
Verify on security.abnormal.ai“Listed as a compliance framework on the Abnormal AI security hub.”
Verify on security.abnormal.ai“Listed as a compliance framework on the Abnormal AI security hub.”
> Show 2 unconfirmed / not-held certifications
source: security.abnormal.aiHIPAA is not listed on the Abnormal AI trust center (abnormal.ai/trust-center) or security hub (security.abnormal.ai). Abnormal publishes educational content about HIPAA email requirements for their customers but does not publicly claim to hold HIPAA compliance or offer a Business Associate Agreement (BAA). No public evidence found.
source: security.abnormal.aiPCI DSS is not listed on the Abnormal AI trust center or security hub. No public evidence of PCI DSS certification.
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Offered
Data region
Primarily United States; international transfers governed by Standard Contractual Clauses, EU-U.S. Data Privacy Framework, and Swiss-U.S. Data Privacy Framework. No explicit customer-selectable data residency region documented publicly.
Privacy policy states: 'Any data processed by our AI Tools is treated with the utmost confidentiality, and we strictly adhere to data protection regulations.' No explicit statement on whether customer email data is used to train Abnormal's behavioral AI models, and no opt-out mechanism is described in public documentation. This is a gap worth clarifying with the vendor directly, particularly given that the core product builds behavioral baselines from customer email content.
// Security controls
Architecture
Cloud-native, API-based (no proxy, no MX record change required). Connects via API to Microsoft 365 and Google Workspace.
abnormal.aiEncryption in transit
HTTPS/TLS enforced; zero-persistence attachment scanning processes files in memory without storing them.
abnormal.aiThird-party audits
Annual SOC 2 Type II audits (initial audit by Coalfire, ongoing audits confirmed). ISO 27001/27701/42001 audits by A-LIGN. US Penetration Test Report available on security hub.
abnormal.aiSecurity hub / documentation
Security hub at security.abnormal.ai lists SOC 2 report, ISO 27001 documentation, CAIQ Full assessment, SIG Core assessment, and US Penetration Test Report. Available to prospects under NDA.
security.abnormal.aiFedRAMP controls
Meets over 300 stringent security controls required for cloud service providers handling sensitive federal data under FedRAMP Moderate.
abnormal.ai// Products & data scope
data: Reads all inbound/outbound/internal email via API; builds behavioral baselines from email metadata and content
Core product. API-native, no MX record change required. Supports Microsoft 365 and Google Workspace.
data: Scans Microsoft Teams chats and channels for malicious URLs and attachments; zero-persistence architecture for file scanning
Unified threat log alongside email. Zero-persistence attachment scanning processes files in memory only.
data: Ingests signals from email, OAuth grants, identity providers, SaaS, and optional browser extension to map AI tool usage
Provides risk scoring, policy enforcement, and automated remediation for shadow AI usage. Covers AI tools, agents, and chatbot interactions.
data: Monitors identity provider signals, sign-in events, MFA registrations, and account changes
Detects account takeover and identity compromise; integrates with Microsoft 365 and Okta for automated remediation.
data: Behavioral signals across email and collaboration tools
Detects fraudulent actors and malicious insiders using behavioral AI baselines.
// What to watch
- AI training on customer data not explicitly addressed: the privacy policy does not state whether behavioral AI models are trained on customer email content, nor is an opt-out mechanism documented publicly. Buyers in regulated industries should ask for a written commitment.
- HIPAA not listed on trust center or security hub despite Abnormal actively marketing to healthcare organizations. No public BAA offering found. Healthcare buyers should request a BAA and confirm HIPAA posture directly.
- Domain migration: vendor has rebranded from 'Abnormal Security' (abnormalsecurity.com) to 'Abnormal AI' (abnormal.ai). Privacy policy and terms still served from abnormalsecurity.com subdomain. Identity is confirmed; certs belong to 'Abnormal AI, Inc.' but the brand transition may cause confusion in procurement.
- CSA STAR level not specified in public trust center content. Only confirmed as listed; Level 1 (self-assessment) vs Level 2 (third-party audit) distinction unclear from public pages.
- Data residency options not publicly documented. For EU data sovereignty requirements, buyers must confirm via DPA and vendor contract that SCCs and Data Privacy Framework are operationally effective for their use case.
// At a glance
Pricing model
Enterprise SaaS subscription; pricing not publicly disclosed; requires demo/sales engagement. Per-mailbox licensing typical for email security products of this type.
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Abnormal AI, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
abnormal.ai