Abnormal AI improves security awareness training with AI agents

Abnormal AI introduces autonomous AI agents that improve how organizations train employees and report on risk while also evolving its email security capabilities.

In a year defined by the explosive use of malicious AI for cybercrime, Abnormal is doubling down on its mission to protect people. With its AI-native platform, Abnormal’s newest innovations bring intelligent automation to security awareness training, executive reporting, and advanced email threat detection.

“The most dangerous attacks don’t target firewalls—they target people, and people need better protection,” said Evan Reiser, CEO of Abnormal AI. “Today, we’re introducing true AI agents that not only protect people from advanced cyberattacks, but also eliminate the manual effort that’s bogging down security teams. From personalized phishing simulations to autonomous reporting and expanded threat remediation capabilities, these innovations represent a massive leap forward in how AI can be operationalized across the security stack.”

Introducing two new AI agents

In a recent survey, 53% of security leaders agreed that the effort required to run and maintain their organization’s current security awareness training program isn’t worth the impact it appears to be having. To solve this pain point, the launch of AI Phishing Coach allows organizations to replace ineffective, generic training with a personalized, autonomous AI platform.

By converting real attacks blocked by Abnormal into tailored simulations for each user, it delivers instant coaching modules when users click—no more canned videos or impersonalized courses. For company-wide training, AI-generated videos are created on-demand, branded, and customized to each organization’s threat landscape.

Unlike legacy training platforms that rely on static templates and outdated scenarios, AI Phishing Coach uses real-time behavioral threat data to deliver hyper-relevant training experiences. Because it’s powered by Abnormal’s behavioral AI engine, it learns from each organization’s threat environment and adapts training dynamically—providing proactive education before attacks succeed. It’s like giving every employee their own AI-powered security mentor—without adding any operational burden to security teams.

In addition to AI Phishing Coach, Abnormal is also launching AI Data Analyst to turn complex security data into instantly usable intelligence—providing admins with better reporting tools and saving teams dozens of hours in manual data aggregation. AI Data Analyst acts as an intelligent agent that proactively delivers reports directly to customers, highlighting the value Abnormal is bringing to their organization.

Customers can then interact with the agent to ask follow-up questions, explore specific data points, or request customized board decks—complete with interactive slides and plain-language insights—tailored to showcase the impact of Abnormal AI on their security posture.

Enhancing email security to replace the SEG

As email attacks continue to bypass legacy secure email gateways (SEGs), the Abnormal Behavior Platform has consistently outperformed traditional tools—and even human analysts. Today, three-fourths of Abnormal customers have moved away from their third-party SEG.

To support this shift and continue to provide more visibility and flexibility, Abnormal is rolling out three no-cost upgrades to Inbound Email Security, now available to all customers:

• Quarantine Release: Consolidates Microsoft-quarantined emails into the Abnormal platform for streamlined triage and faster response.
• URL Rewriting: Adds user-facing warnings and click tracking for suspicious links, improving protection without disrupting the email experience.
• Enterprise Remediation Settings: Allows administrators to tailor remediation actions based on threat type and business context.

Together, these enhancements make it easier than ever for organizations to fully replace their legacy tools while maintaining control, visibility, and peace of mind.

Expanding globally, scaling securely

Earlier this month, Abnormal achieved FedRAMP Moderate Authorization in only 256 days, paving the way for federal agencies to easily adopt the platform. The company is also announcing expanded operations into Germany, with Japan and France to follow later this year.