Case Study: Sentara Healthcare achieves 700+ BEC attack blocks and automated SOC operations with Abnormal AI

Sentara Improves Health, Security, and Trust for the Communities It Serves

Sentara Healthcare, a 134-year-old health system serving 950,000 insured members and operating 12 hospitals and 300+ sites, faced persistent email threats—spoofing, vendor-impersonation BEC and spear-phishing—that bypassed its IronPort and Microsoft 365 defenses. Seeking a cloud-native, AI-driven, API-based layer to augment existing controls, Sentara selected Abnormal AI to protect its 48,000+ mailboxes and reduce the burden of manual spam investigations.

Abnormal AI was integrated via API (including VendorBase™, account-takeover and abuse-mailbox capabilities) and tied into Sentara’s SOAR to auto-investigate and remediate reported threats. The deployment delivered immediate value: more than 700 advanced BEC attacks blocked in the first eight months, 140+ compromised vendors identified, 31,448 spam emails auto-remediated in 90 days, zero missed attacks in that initial period, and measurable time savings for the IT team—allowing staff to focus on higher-value security work.

Sentara Healthcare

Mike Freeman

Cybersecurity Manager