AiStrike Documentation

Abnormal Security

Integrate Abnormal Security with AiStrike by generating a REST API access token and configuring network access. AiStrike ingests email attack detections and account-takeover signals.

Prerequisites

  • Administrator access to the Abnormal Security platform.

  • Ability to manage integrations and IP allowlists.

Step 1: Generate an access token

  1. Sign in to the Abnormal Security platform.

  2. Go to Manage > Settings > Integrations.

  3. Under Additional Integrations, click + Connect on the Abnormal REST API card.

  4. Copy and securely save the Access token — it may not be shown again.

If you use an IP allowlist, add these AiStrike IPs in the IP Safelist field:

3.135.165.25/32     3.148.24.98/32     3.148.93.249/32
3.14.192.137/32     13.201.28.59/32    18.223.178.199/32
52.15.138.222/32    54.246.180.34/32   63.35.37.74/32
54.220.227.162/32

Step 2: Connector configuration

Field

Value

Configuration Name

e.g. Abnormal Security

Description

Free text

API Endpoint URL

US: https://api.abnormalplatform.com · EU: https://eu.rest.abnormalsecurity.com

API Authentication Token

The access token generated above

Enter the token in the AiStrike integration page (or share it securely with the AiStrike team). AiStrike then begins ingesting data from Abnormal Security.