Abnormal Security focuses on uncommon attacks, particularly advanced phishing and social engineering attempts. Their AI analyzes email content, sender/recipient information, user behavior, and email patterns to identify anomalies suggesting malicious intent. Cisco SETD employs a multi-layered approach, commended for its strong spam filtering, customizable security policies, and detailed reporting features, with users noting a need for improved integration options. Both products offer reasonable pricing and positive results, but Abnormal Security excels in customer service while Secure Email Threat Defense stands out for its real-time threat detection and automatic updates.
The summary above is based on 20 interviews we conducted recently with Abnormal Security and Secure Email Threat Defense users. To access the review's full transcripts, download our report.
"I would say that 90% of the spam and phishing attack emails get blocked right off the bat."
"It also gives the vulnerability status according to the versions you have selected. Let's say you have Google Chrome. It mentions the versions it has, and it updates. Within two hours of an update, it is reflected in the dashboard. That's really nice to have."
"Since we have started using the solution, there have been fewer compromises."
"The initial setup was easy."
"The product's scalability is good."
"Threat Explorer is one of the features that I very much like because it is a real-time report that allows you to identify, analyze, and trace security attacks."
"There are several features that I consider valuable."
"The technical support is good and quick to resolve issues."
"Initial auto-remediation allows us to auto-remediate before the email lands in the end user's inbox for a split second."
"I have never encountered any stability issues with Abnormal."
"One of the things that I love about them is that the setup and installation are super easy. All you do is give them access to your Microsoft 365 tenant, and through APIs, they are able to do their work. They are doing all this through APIs, so you do not have to install the software and take a month to get it all set up to even see the value of the solution. You could be up and running in less than an hour."
"The features that appeal to me most are the combination of auto-remediation and Detection 360."
"Ease of use is undoubtedly one of the most valuable features of Abnormal Security."
"Their ability to take things out of the mailbox and catch things much faster than users is excellent."
"What I like about Abnormal Security is that it notifies me if any of my partners or suppliers are experiencing a security breach by analyzing their database and identifying potential cyber threats."
"It does some really cool stuff that other tools aren't doing. We found it to be really effective, and the AI/ML functionality is really what differentiates them."
"Secure Email Threat Defense's scalability is good."
"It has an efficient email filtering feature."
"The features and functionalities are much better than Microsoft's in-built Defender plan."
"Cisco has a threat mechanism called cloud-based Talos, where all the threats are inbuilt."
"The ability to see east-west traffic is its most valuable feature. Traditionally, email defense focuses on north-south, inbound-outbound, egress-ingress traffic. With Cisco Secure Email Cloud Mailbox, it's able to quickly identify, track, tag, and categorize emails that are internal. That can typically give us visibility into if there's an internal compromised account (for example). Someone can then use that internal compromised account to email additional accounts with either malicious software or links, but internal within that Office tenant. Effectively, that email message never leaves the tenant. Any of the mail gateways really do not have any method or way of seeing this traffic since it's not leaving the environment."
"I would say it's very comprehensive, with multiple antivirus OEMs, virus encrypt features, encryption, and more."
"Cisco Secure Email Cloud Mailbox can handle a complete portfolio, which is required to protect any kind of attack coming from emails. However, it does not have advanced phishing, but it is available through Cisco. If you compare Cisco Secure Email Cloud Mailbox with the competition, in the competition you have to have one or two solutions together to address the customer's requirement, whereas Cisco Secure Email Cloud Mailbox is addressing everything, such as web domain and email protection. If there is any kind of challenge it will come across through email."
"On ease of use, it rates very high. It's something that I was able to get into without really looking at any documentation. I wanted to see what it felt like before I started looking at any documentation on how to use it, and it was very easy to use. It works very smoothly. The user experience is very intuitive. They did an amazing job on that."
"The UI needs to be more user-friendly."
"We are always looking for others tools to increase automation on tasks. There can be better integration with other solutions, such as PowerPoint and email."
"In one of the reports I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help."
"Microsoft Defender for Office 365 must improve the overall management style, including the GUI. It also needs to change the filters so that it is easy to whitelist and blacklist data."
"The GUI is sometimes slow to fetch the device report and could be improved."
"The pre-sales cost calculations could be more transparent."
"About eight months ago, we started to measure the quantity of phishing and spam that we have been receiving, and it has been increasing a lot. That means that protection for our email is not as good as we were expecting."
"It would be better if it were more scalable. It depends on the architecture, but we would like to make it more scalable for both data centers."
"The pricing for academic institutions and student mailboxes is challenging."
"One feature I'd love to see is outbound scanning."
"I, as such, do not have anything that I do not like or would like to add, but you could argue that because they are doing it API-based, there is a chance that something could slip through temporarily before they are able to pull it out. In theory, it could happen just because of the nature of the system. They are not in line with the delivery of the mail. They are kind of asynchronous, which is a pro as well as a con. If it is synchronous, then I know it would always stop them, but because it is asynchronous, things could get through temporarily or because of some system issues on the Microsoft side or their side. It is the nature of the beast, but it is a little bit of a con."
"I would like to have the ability to customize the auto-remediation feature."
"When we're working on something as engineers, and we find an idea or a method of doing something that would be greatly improved by doing it another way, there should be an ability for me to click the ideas button, type in an idea that I have, and submit it to a product review team or developers to have them think through the process a little bit more."
"There could be room for improvement in enhancing integration with other cybersecurity tools."
"The biggest pain point for us is the lack of support for on-premise email systems."
"The ideal scenario would be for Abnormal Security to work in tandem with Microsoft to analyze incoming emails."
"Customers will benefit greatly from monthly billing because the majority of customers today use the cloud, be it Office 365, or Google Cloud."
"The search area has room for improvement. When you go to the next page, it remains at the bottom of the current page that you're on. Also, under the reports section, it allows you to see any "convictions," but if you want to search for those convictions you have to remember when they all came in and go back and edit the search accordingly. You cannot click on the list of convictions to actually see if you had a spike at a certain time."
"There is still room for improvement in terms of integrations with other Cisco tools and non-Cisco tools. There is also some room for improvement needed in terms of the reporting."
"The solution is a bit expensive."
"This solution could be improved by integration with Sandbox."
"The tool gives false positives and it needs to be more accurate. I would like to see AI as a new feature."
"Cisco Secure Email Cloud Mailbox can improve by adding advanced phishing, then the solution would become the best in the market. However, this could increase the price even more. Additionally, if CES with domain protection could be added it would be an even better solution."
"The pricing could always be better."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
More Cisco Secure Email Threat Defense Pricing and Cost Advice →
Abnormal Security is ranked 10th in Email Security with 8 reviews while Cisco Secure Email Threat Defense is ranked 17th in Email Security with 11 reviews. Abnormal Security is rated 9.6, while Cisco Secure Email Threat Defense is rated 8.2. The top reviewer of Abnormal Security writes "Provides comprehensive email security management, effective in detecting a wide range of email threats". On the other hand, the top reviewer of Cisco Secure Email Threat Defense writes "Easy to deploy and configure with excellent support". Abnormal Security is most compared with Mimecast Email Security, Egress Intelligent Email Security, Cloudflare Area 1 Email Security, Avanan and Tessian Enforcer, whereas Cisco Secure Email Threat Defense is most compared with Cisco Secure Email, Kiteworks, Microsoft Exchange Online Protection (EOP) and Armorblox. See our Abnormal Security vs. Cisco Secure Email Threat Defense report.
See our list of best Email Security vendors.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.