By NHI Mgmt Group Editorial Team
Published 2026-06-22
Domain: Governance & Risk
Source: Abnormal AI

TL;DR: Many organisations pairing Microsoft 365 with a legacy secure email gateway are duplicating baseline protections while still missing advanced attacks, with Abnormal customers seeing 462 advanced attacks per month bypass Microsoft native controls per 1,000 mailboxes and AI-driven phishing now four times more effective than traditional campaigns, according to Abnormal AI and Microsoft. The real governance gap is not more inspection, but different detection logic for identity-based and text-only threats.


At a glance

What this is: This analysis argues that layering a legacy SEG on top of Microsoft 365 often creates redundancy rather than true defense in depth, leaving advanced social engineering and account-takeover attacks exposed.

Why it matters: For IAM and security teams, the lesson is that email defence must align with identity risk, behavioral context, and control differentiation across NHI, human, and federated access paths.

By the numbers:

👉 Read Abnormal AI's analysis of Microsoft 365 and legacy SEG overlap


Context

Most organisations using Microsoft 365 with a legacy secure email gateway are not getting true defense in depth. They are getting overlapping inspection layers that cover many of the same known threats while leaving modern, identity-driven attacks insufficiently addressed.

The security problem is not simply email filtering. It is that social engineering, business email compromise, vendor fraud, and account takeover increasingly arrive as clean, contextual messages that challenge the assumptions built into signature-based inspection and conventional perimeter email controls.


Key questions

Q: How should security teams decide whether to keep a legacy SEG with Microsoft 365?

A: They should decide based on control independence, not habit or procurement history. If the SEG mostly duplicates spam, malware, and URL inspection already present in Microsoft 365, it is adding cost rather than resilience. Keep only the layer that materially improves detection of identity-based and text-only attacks that native controls miss.

Q: Why do business email compromise attacks bypass traditional email controls?

A: Because they often use legitimate accounts, clean text, and believable business context instead of malware or obvious indicators. Traditional controls are strongest when they can match known bad patterns, but BEC works by looking normal. That is why behavioural context and relationship analysis matter more than static filtering alone.

Q: How do security teams know if their email controls are actually overlapping?

A: Look for the same threat categories being claimed by both layers, the same messages being inspected twice, and the same native protections being disabled to keep the SEG functional. If both products depend on the same signals, the stack may be more redundant than defensive.

Q: What should organisations prioritise when moving away from a legacy SEG?

A: They should prioritise independent coverage for advanced attacks, lower manual triage, and cleaner use of the native email platform they already pay for. The move should improve detection of vendor fraud, BEC, and account takeovers, not just reduce license count.


Technical breakdown

Why legacy secure email gateways overlap with Microsoft 365

Legacy secure email gateways were built for an earlier email threat model: spam, malware, URL inspection, attachment analysis, and policy enforcement at the perimeter. Microsoft 365 now covers much of that baseline, which means many organisations keep a second control layer that inspects the same signals with the same logic. That creates redundancy, not independent coverage. In practice, teams often route mail around native controls to keep the SEG working, which can weaken the very stack they intended to improve.

Practical implication: map which email protections are already native to Microsoft 365 before retaining a SEG layer.

Why AI-driven social engineering bypasses static inspection

Modern business email compromise and vendor fraud do not always rely on malicious payloads or obvious indicators. Attackers use trusted accounts, legitimate workflows, and business-context language to make messages look normal to both users and machines. Static filtering, threat-intelligence matching, and sandboxing are weaker when the message is text-only and operationally plausible. The detection problem shifts from bad content to malicious intent, which requires behavioural context across senders, recipients, vendors, and communication patterns.

Practical implication: treat behavioural detection as a separate control class, not a feature add-on to the same inspection model.

What complementary email defence should actually separate

True defense in depth means each layer does something materially different. Native platform controls should handle foundational spam and malware coverage, while a behavioural layer should identify anomalies in identity, relationship, and message patterns that point to manipulation or compromise. When both layers rely on the same inspection paradigm, they fail together. When they separate payload inspection from behaviour-based detection, teams gain broader coverage without duplicating cost and complexity.

Practical implication: design email security so one layer covers known threats and another covers identity-based abuse.


Threat narrative

Attacker objective: The attacker aims to monetise trusted email channels by inducing payment fraud, stealing accounts, or manipulating business workflows without triggering conventional inspection controls.

  1. Entry occurs through trusted communication channels, compromised partner accounts, or highly tailored messages that appear legitimate to the recipient and the mailbox controls.
  2. Escalation happens when attackers exploit identity trust and business context rather than malicious payloads, allowing BEC, vendor fraud, or account takeover to bypass static inspection.
  3. Impact is financial loss, account compromise, and time-consuming manual triage, especially where the same attack can evade both native controls and a legacy SEG.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.


NHI Mgmt Group analysis

Legacy SEG overlap is an architecture problem, not a feature problem. When Microsoft 365 already provides baseline spam and malware protection, a second perimeter product that inspects the same signals does not create real resilience. It creates duplicate controls, duplicated cost, and a false sense of layered security. Practitioners should treat overlap as a design failure, because the meaningful gap is behavioural detection, not another copy of the same inspection stack.

Identity-based email abuse is the category that exposes the limits of signature thinking. Business email compromise, vendor fraud, and account takeover succeed because the message content is clean, contextually plausible, and anchored in real workflows. That means the security issue sits closer to identity trust and relationship context than to payload inspection. The implication is that email defence must be organised around behavioural risk, not just message hygiene.

Defense in depth only works when the layers are independent. A native platform layer and a behavioural AI layer can complement each other, but two tools that both depend on the same indicators of compromise merely reinforce the same blind spots. This is the governance lesson for IAM and security architects: independence of detection matters more than the number of products in the stack. Practitioners should re-evaluate whether their controls actually diversify failure modes.

Text-only attacks create a governance blind spot that traditional mail security was never built to solve. The named concept here is inspection-model redundancy: the condition where multiple controls look busy while sharing the same detection assumptions. That assumption fails when malicious intent is embedded in ordinary business language. The implication is that teams must stop equating coverage with correlation of tools.

From our research:

  • Two-thirds of enterprises have endured a successful cyberattack resulting from compromised non-human identities, with a quarter encountering multiple attacks, according to The 2024 ESG Report: Managing Non-Human Identities.
  • Enterprises that have experienced a compromised NHI averaged 2.7 separate incidents in the past 12 months.
  • 52 NHI Breaches Analysis shows the same pattern of repeated credential abuse and persistence across identity layers.

What this signals

Inspection-model redundancy: many email stacks still look layered on paper while converging on the same detection logic in practice. For IAM and security leaders, that means the important question is not how many products are attached to Microsoft 365, but whether any layer actually sees identity-driven abuse differently.

The operational signal is that AI-assisted social engineering is moving faster than traditional mail inspection can adapt. When attackers can present clean, contextual messages and still drive fraud or account takeover, teams need controls that evaluate trust relationships, sender behaviour, and transaction context together.

For readers maturing broader identity programmes, this is a reminder that email remains an identity control surface. The same governance discipline that applies to privileged access and service accounts now has to extend to communication trust, delegated workflows, and anomalous account behaviour.


For practitioners

  • Audit overlap between native and third-party email controls: Inventory which spam, malware, URL, attachment, and policy functions are already enforced in Microsoft 365, then identify where the SEG duplicates the same inspection logic.
  • Separate known-threat filtering from behavioural detection: Keep baseline protection focused on known indicators, while using a distinct behavioural layer for vendor fraud, BEC, and account-takeover patterns that look clean at the message level.
  • Measure advanced-attack coverage rather than product count: Track the rate of socially engineered messages, suspicious internal mail, and account takeovers that bypass each layer, then compare that result to manual triage burden.
  • Review routing dependencies introduced by legacy SEGs: Check whether the SEG still forces mail flow changes, control bypasses, or reduced use of native Microsoft controls that undermine the intended architecture.
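One way to put numbers on the overlap checks above (the same threat categories claimed by both layers, attacks that bypass each layer, native protections disabled to keep the SEG working), as an added example that is not code from the original post or from Abnormal AI. It scores a constructed sample of per-message verdicts by which layer caught each attack class; the layer names, label set, record fields and sample rows are all assumptions.

```python
from dataclasses import dataclass

# Added example, not code from the original post or from Abnormal AI.
# Every record below is constructed: one row per message with the verdict
# each layer returned and the label triage assigned afterwards.
@dataclass(frozen=True)
class Msg:
    msg_id: str
    label: str            # benign | spam | malware | bec | vendor_fraud | ato
    native_blocked: bool  # Microsoft 365 native filtering verdict (assumed field)
    seg_blocked: bool     # legacy SEG verdict (assumed field)

BASELINE = {"spam", "malware"}             # known-threat categories
ADVANCED = {"bec", "vendor_fraud", "ato"}  # identity-based, text-only attacks

SAMPLE = [  # constructed sample, not real telemetry
    Msg("m01", "spam", True, True),    Msg("m02", "spam", True, True),
    Msg("m03", "malware", True, True), Msg("m04", "malware", True, False),
    Msg("m05", "bec", False, False),   Msg("m06", "bec", False, False),
    Msg("m07", "vendor_fraud", False, False),
    Msg("m08", "vendor_fraud", False, True),
    Msg("m09", "ato", False, False),   Msg("m10", "benign", False, False),
]

def bypass_rate(sample, layer, classes):
    """Share of messages in `classes` that the named layer let through."""
    hits = [m for m in sample if m.label in classes]
    missed = sum(1 for m in hits if not getattr(m, f"{layer}_blocked"))
    return missed / len(hits) if hits else 0.0

def overlap_profile(sample, classes):
    """Bucket attacks by who caught them. 'both' is redundancy, 'seg_only'
    is the SEG's marginal value, 'neither' is the shared blind spot."""
    bucket = {(True, True): "both", (True, False): "native_only",
              (False, True): "seg_only", (False, False): "neither"}
    prof = dict.fromkeys(bucket.values(), 0)
    for m in sample:
        if m.label in classes:
            prof[bucket[(m.native_blocked, m.seg_blocked)]] += 1
    return prof

def disabled_to_keep_seg(native_config, seg_claims):
    """Native protections switched off in categories the SEG claims to cover,
    the routing-dependency signal from the last practitioner bullet."""
    return sorted(c for c, on in native_config.items() if not on and c in seg_claims)
```

Run over real mail-flow and triage exports, a large "both" bucket for baseline classes next to a large "neither" bucket for advanced classes is the inspection-model redundancy the post describes.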

Key takeaways

  • Legacy SEGs paired with Microsoft 365 often duplicate baseline protections while leaving advanced social engineering insufficiently covered.
  • The evidence points to a detection gap, with hundreds of advanced attacks per month bypassing native controls in the typical customer environment.
  • Practitioners should separate known-threat filtering from behavioural identity-aware detection and measure whether the stack actually covers different failure modes.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework | Control / Reference | Relevance
NIST CSF 2.0 | PR.AC-4 | Email access and trust decisions depend on least-privilege and access validation.
NIST Zero Trust (SP 800-207) | PR.AC-7 | Continuous verification is needed when email messages can be socially engineered.
OWASP Non-Human Identity Top 10 | NHI-01 | Identity-based email abuse overlaps with compromised machine credentials and delegated trust.

Treat service and delegated identities in email workflows as governed assets with explicit lifecycle control.


Key terms

  • Defense in depth: Defense in depth is a security design that uses multiple independent controls so one failure does not expose the whole environment. For identity and email security, the layers must detect different failure modes rather than repeat the same inspection logic in parallel.
  • Business email compromise: Business email compromise is a fraud pattern where attackers use trusted email relationships to induce payments, credential capture, or workflow manipulation. The message often appears legitimate because the attacker abuses context, not malware, which makes behavioural and identity-aware detection critical.
  • Behavioral detection: Behavioral detection identifies suspicious activity by comparing messages, senders, recipients, devices, and relationship patterns against expected norms. Unlike static filtering, it looks for intent and anomaly, which is why it is better suited to socially engineered and text-only attacks.
  • Inspection model redundancy: Inspection model redundancy is the condition where multiple security tools rely on the same signals and therefore miss the same threats. It creates the appearance of layered defence while leaving organisations exposed to attacks that do not look malicious at the content level.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.

This post draws on content published by Abnormal AI: Key insights on why legacy SEGs with Microsoft 365 create overlap instead of true defense in depth. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-06-22.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org