Outage in Abnormal Security

Abnormals Threat Log and SOAR API Latency

Resolved Minor
May 31, 2024 - Started 7 months ago - Lasted about 4 hours

Outage Details

On May 31, 2024, at approximately 10:00 UTC, a change was released to the Azure Sentinel integration for all customers using Abnormal Security. This change altered how Sentinel queries our API by implementing a different date range filter, resulting in queries over a larger time range. Consequently, this led to an increased load on the database powering all threat information in both the SOAR API and the Portal, causing higher latency in the Threat Log and errors in Azure Sentinel calls due to a broken date range filter.

There is no impact on Email Detection and Remediation.

Affected Services: Abnormal Portal / Threat Log, SOAR API endpoints

Severity Level: Major

Incident Start Time: May 31, 2024, 10:00 UTC

What We're Doing:
Our Engineering team has identified the root cause and is implementing a solution. We expect the database performance to improve in the next hour.

Next Update: May 31, 2024, 18:45 UTC

Questions?: For any immediate concerns, please contact us at support@abnormalsecurity.com.

Latest Updates (sorted recent to last)

RESOLVED 7 months ago - at 05/31/2024 10:01PM

This incident has been resolved.

INVESTIGATING 7 months ago - at 05/31/2024 08:59PM

Our team continues to work on resolving the increased load on our Abnormal Portal / Threat Log and SOAR API endpoints. While we have made progress, the issue remains unresolved.

Affected Services: Abnormal Portal / Threat Log, SOAR API endpoints

Severity Level: Major

Incident Start Time: May 31, 2024, 10:00 UTC

Current Status:
Our Engineering team is actively implementing solutions to mitigate the increased load. We are committed to resolving this issue as quickly as possible and will keep you updated on our progress.

Next Update: In one hour

Questions?: For any immediate concerns, please contact us at support@abnormalsecurity.com.

INVESTIGATING 7 months ago - at 05/31/2024 07:15PM

Incident Update: Our team continues to work on resolving the increased load on our database caused by the recent Azure Sentinel integration change.

Affected Services: Abnormal Portal / Threat Log, SOAR API endpoints

Severity Level: Major

Incident Start Time: May 31, 2024, 10:00 UTC

Current Status:
Our Engineering team is actively working on implementing a solution. Unfortunately, the issue is still not fully resolved. We are making progress and will provide further updates as soon as possible.

Next Update: In one hour

Questions?: For any immediate concerns, please contact us at support@abnormalsecurity.com.

INVESTIGATING 7 months ago - at 05/31/2024 05:55PM

On May 31, 2024, at approximately 10:00 UTC, a change was released to the Azure Sentinel integration for all customers using Abnormal Security. This change altered how Sentinel queries our API by implementing a different date range filter, resulting in queries over a larger time range. Consequently, this led to an increased load on the database powering all threat information in both the SOAR API and the Portal, causing higher latency in the Threat Log and errors in Azure Sentinel calls due to a broken date range filter.

There is no impact on Email Detection and Remediation.

Affected Services: Abnormal Portal / Threat Log, SOAR API endpoints

Severity Level: Major

Incident Start Time: May 31, 2024, 10:00 UTC

What We're Doing:
Our Engineering team has identified the root cause and is implementing a solution. We expect the database performance to improve in the next hour.

Next Update: May 31, 2024, 18:45 UTC

Questions?: For any immediate concerns, please contact us at support@abnormalsecurity.com.
