Concept: Michigan-based cybersecurity startup Blumira has rolled out an end-to-end cloud security information and event management (SIEM) platform that offers both automated threat detection and response to medium-sized businesses through turn-key, cloud-enabled solutions. It aims to provide enterprise-level security to prevent cybersecurity threats in near real-time.
Nature of Disruption: Blumira’s cloud SIEM platform upends traditional solutions. It integrates broadly to provide cloud infrastructure, identity and access management, cloud collaboration, and endpoint security monitoring and response. Blumira’s cloud SIEM is 5x faster to deploy than the usual SIEM, allowing it to quickly integrate with cloud services and detect cloud threats. It handles log parsing, including alerts generated from firewalls, endpoint protection, and identity management providers, thereby reducing the burden on a small security team. With Blumira’s cloud SIEM platform, security teams can filter for only the prioritized alerts from these critical services to stave off alert fatigue and reduce the noise. It easily integrates with AWS and Microsoft Azure to detect device malware and enable the organization to respond and limit the security impact on its environment. Moreover, Blumira’s cloud-based security leverages threat intelligence and behavioral analytics to detect attacker attempts to log in to the systems, including geo-impossible logins and fraudulent login attempts that could indicate the theft of usernames and passwords. It integrates with identity providers to monitor two-factor authentication, endpoint, and single sign-on (SSO) and alert the user about any potential threats.
Outlook: Many SIEMs take months to years to fully deploy because of their complexity, with hidden costs that make them prohibitive for companies with small teams and limited resources. If not tuned properly, a SIEM can generate ~1000 alerts daily, tying up the team on events that are not real security incidents. To overcome such bottlenecks, Blumira has unveiled a cloud SIEM solution designed specifically for mid-market companies. Companies offering work from home can install the solution on employees’ systems to monitor and analyze them for potential threats, as well as reduce false positives and provide actionable insights. The startup has raised $10.3M in Series A funding, which it intends to use for its product portfolio, hiring, and growing its partnership program with managed service providers.