Between approximately May 2, 2026, and May 4, 2026 at 18:45 UTC, Abnormal experienced a service disruption affecting Security Orchestration, Automation and Response (SOAR) API functionality, Portal data retrieval, and Threat Log display for US customers. During this time, customers utilizing SOAR API integrations may have experienced errors when attempting to query messages, attachments, and threat data. The Abnormal engineering team has deployed a fix and confirmed that SOAR API is functioning as expected. All affected services have been restored to normal operation. If you experience any further issues, please reach out to the Abnormal support team at support@abnormalsecurity.com.
Posted May 04, 2026 - 11:58 PDT
Investigating
Abnormal is currently investigating an issue affecting Security Orchestration, Automation and Response (SOAR) API functionality for US customers. Customers utilizing SOAR API integrations may experience errors when attempting to query messages, attachments, and threat data. Some Portal functionality that relies on the same data source may also be intermittently affected. The Abnormal engineering team is actively investigating the root cause and working toward resolution. Email detection and remediation services remain fully operational and are not affected by this incident.
Posted May 04, 2026 - 10:21 PDT
This incident affected: Platform (Security Orchestration, Automation Response API (SOAR API)).