New AI Incident Response, Multi-Region Agents, and Custom-Domain Status Pages, May 2026
Services Pricing Dashboard

Abnormal Security Outage History

Uptime record, past incidents, and downtime history for Abnormal Security.

Checking current status...
92.3% uptime over 91 days
99.9% ✗ 99.5% ✗ 99% ✗ 95% ✗

90-Day Trend

Apr 11Jul 9

Monthly Uptime

Month Uptime Days Tracked Days with Issues
July 2026 77.8% 9 2
June 2026 96.7% 30 1
May 2026 90.3% 31 3
April 2026 95.2% 21 1

Uptime is calculated from daily worst-status snapshots. A day with any non-operational status counts as a day with issues.

Daily Status (Last 91 Days)

Apr 10 Today
Operational Degraded Partial Outage Major Outage Maintenance No Data

Incident History

July 2026
Inbound Email Security, AI Security Mailbox, and Portal Disruption – US and EU Tenant Customers
critical

Started: Jul 7, 10:58 PM

investigating
The Abnormal engineering team continues to work on restoring full Inbound Email Security services for US tenant customers. During this time, some emails may still be delivered without full security analysis. Additionally, Abnormal has identified that this issue is beginning to impact EU tenant customers, which the engineering team is actively addressing. The next update will be provided within 60 minutes or sooner as more information becomes available.
Jul 8, 2:33 AM
investigating
As of 00:23 UTC on July 8, 2026, AI Security Mailbox and Portal services have been fully restored for US tenant customers. The Abnormal engineering team is currently deploying a mitigation for Inbound Email Security services, which are expected to be fully restored within the next 30 minutes. During this time, some emails may still be delivered without full security analysis. The next update will be provided once Inbound Email Security services are confirmed restored.
Jul 8, 1:20 AM
investigating
Abnormal continues to experience a service disruption impacting Inbound Email Security detection and email remediation for US tenant customers that began at 22:00 UTC on July 7, 2026. During this time, emails may be delivered without full security analysis, and some customers may be unable to login to the Abnormal Portal. The Abnormal engineering team continues to actively work on restoring full functionality. The next update will be provided within 1 hour or sooner as more information become...
Jul 8, 12:08 AM
investigating
Starting at 22:00 UTC on July 7, 2026, Abnormal began experiencing a service disruption impacting Inbound Email Security detection and email remediation for US customers. During this time, inline customers may have emails delivered without security scoring or remediation, and Inbound Email Security detection is degraded. Additionally, AI Security Mailbox is experiencing issues within the portal which the Abnormal team is actively investigating. Our team is working to restore full functionalit...
Jul 7, 10:58 PM
June 2026
Inbound Email Security Detection and Remediation Disruption
major

Started: Jun 2, 6:08 PM

monitoring
Starting at 17:45 UTC on June 2, 2026, Abnormal experienced a service disruption affecting email detection and remediation for Inbound Email Security customers in the EU region. Additionally, between 18:00 UTC and 19:00 UTC, US customers experienced degraded attack detection and AI Security Mailbox functionality. Abnormal is now beginning to see recovery across impacted services. The engineering team continues to monitor as systems restore to full operational capacity. Any emails from the imp...
Jun 2, 6:26 PM
investigating
Starting at 17:45 UTC on June 2, 2026, Abnormal began experiencing a service disruption affecting email scoring, detection, and remediation for Inbound Email Security in the EU region. EU customers may experience emails not being analyzed or remediated during this time. The engineering team is actively investigating and working to restore full functionality. The next update will be provided within 1 hour or sooner as more information becomes available.
Jun 2, 6:08 PM
May 2026
Account Takeover – Delayed Sign-In Event Processing (Microsoft M365 Customers)
minor

Started: May 29, 3:25 PM

identified
Microsoft has confirmed the root cause of the degraded M365 sign-in audit log delivery has been fixed and services are currently recovering. Microsoft estimates full recovery within approximately 7 hours. Once Microsoft services complete recovery, Abnormal expects Account Takeover detection to begin processing normally and will work through the backlog of sign-in events from this incident. No data has been lost. Abnormal will post a final resolved update once Microsoft confirms full restorati...
May 29, 10:43 PM
identified
Microsoft has confirmed that the degraded delivery of M365 sign-in audit logs was caused by a power event in their West US 2 datacenter, which began at 04:27 UTC on May 29, 2026. Microsoft has reported that their service is on a recovery path and is currently processing the accumulated backlog, including sign-in stream data. As a result, customers using Account Takeover detection with Microsoft M365 may continue to experience delays in the creation of detection cases based on sign-in activity...
May 29, 10:23 PM
investigating
We are continuing to investigate this issue.
May 29, 3:31 PM
investigating
Starting at 04:27 UTC on May 29, 2026, Microsoft is experiencing degraded delivery of M365 sign-in audit logs due to an issue on Microsoft's infrastructure. As a result, customers using Account Takeover detection with Microsoft M365 may see a delay of up to 90 minutes in the creation of detection cases based on sign-in activity. No sign-in data is being lost, and Abnormal has adjusted processing to account for the delay and ensure no detections are missed. All other Account Takeover data sour...
May 29, 3:25 PM
Degraded SOAR API functionality for US customers
major

Started: May 4, 5:21 PM

investigating
Abnormal is currently investigating an issue affecting Security Orchestration, Automation and Response (SOAR) API functionality for US customers. Customers utilizing SOAR API integrations may experience errors when attempting to query messages, attachments, and threat data. Some Portal functionality that relies on the same data source may also be intermittently affected. The Abnormal engineering team is actively investigating the root cause and working toward resolution. Email detection and r...
May 4, 5:21 PM
April 2026
Email Detection Service Degradation
major

Started: Apr 28, 5:25 AM

identified
Abnormal engineering has identified the root cause and is working to implement a fix to fully restore email protection. Abnormal will provide an additional update within 1 hour or as new information becomes available.
Apr 28, 6:20 AM
identified
Starting at 00:30 UTC on April 28, 2026, Abnormal identified an issue impacting email detection accuracy, which may result in some legitimate emails being incorrectly flagged. Abnormal engineering is actively investigating and implementing corrective measures to restore full detection accuracy. Email remediation services remain operational. Abnormal will provide an update within 1 hour or as new information becomes available.
Apr 28, 5:25 AM
Customer Support Portal Access Disruption
major

Started: Apr 9, 3:15 PM

investigating
Starting at approximately 19:00 UTC on April 8, 2026, Abnormal began receiving reports of customers being unable to access the Customer Support Portal. Some customers may experience intermittent or complete inaccessibility when attempting to log in or navigate the Customer Support Portal. The Abnormal engineering team is actively investigating the underlying cause of the issue.
Apr 9, 3:15 PM
Support Case Submission via Email Temporarily Unavailable
minor

Started: Apr 8, 8:15 PM

identified
Starting at 13:30 UTC on April 8, 2026, Abnormal began experiencing an issue with receipt of email-based support case submissions and replies due to a vendor caused issue. Customer emails to support@abnormalsecurity.com or support@abnormal.ai may be delayed. Abnormal support is actively monitoring the issue and will provide further updates once additional information is received from the vendor. In the meantime, customers are encouraged to submit support inquiries through the Abnormal Custom...
Apr 8, 8:15 PM
March 2026
AI Security Mailbox Report Processing Disruption
major

Started: Mar 26, 11:03 PM

identified
Starting at approximately 16:00 UTC on March 26, 2026, Abnormal began experiencing an issue with AI Security Mailbox report processing. US and EU customers may experience failures in the processing of new reports submitted to AI Security Mailbox. Abnormal engineering is actively investigating and working to restore full functionality.
Mar 26, 11:03 PM
Inbound Email Security Detection and Remediation Disruption — US
major

Started: Mar 16, 11:21 PM

investigating
Starting around 22:23 UTC on March 16, 2026, Abnormal began experiencing a service disruption impacting Inbound Email Security detection and remediation for some US customers. Additionally, inline email processing is affected during this time, and malicious emails may not be properly detected or remediated. Abnormal's engineering team is actively investigating and working to restore full functionality. The next update will be provided within 1 hour or when further information is obtained.
Mar 16, 11:21 PM
Abnormal Portal Access Disruption – (EU)
major

Started: Mar 16, 2:58 PM

investigating
Starting around 14:26 UTC, Abnormal began experiencing an issue with the EU Portal being inaccessible and displaying an error. EU customers may be unable to access the Abnormal Portal during this time. Email detection and remediation services remain fully operational and are not impacted. The engineering team is actively working to restore access to the EU Portal.
Mar 16, 2:58 PM
Threat Log Display Delays – Gov
minor

Started: Mar 12, 8:31 PM

identified
Starting at 18:00 UTC on March 12, 2026, Abnormal identified an issue where messages flagged as attack, spam, or borderline may experience delays in appearing within the Threat Log for Gov customers. Inbound Email Security detection and remediation remain fully functional, and all threats continue to be identified and acted upon as expected. The impact is limited to a delay in Threat Log visibility within the Portal.
Mar 12, 8:31 PM