The Pain of Maintaining and Scaling Security Tools
Matt Warner always had an entrepreneurial spirit, having started two companies in his early 20s. But his most profound venture arose from the pain of maintaining and scaling an open-source log aggregation tool. In 2016, Matt and engineers Chris Heath, Amanda Berlin, and Nick Brigmon were working at a managed security services provider (MSSP) and witnessed firsthand how resource-constrained IT teams struggled to keep up with an onslaught of security alerts, gaps in visibility and mounting threats.
“I woke up one morning thinking, I just can’t do this anymore. I can’t keep running this security operations center. It was crazy,” said Warner. “As someone obsessed with working hard, I knew that if I felt that burnt out, many others likely did too.”
The Birth of Blumira: Addressing the Security Poverty Line
Matt had built out his own technology stack using open-source tools to run security services and sought to automate those internal tools and make them more supportive and scalable. He saw an opportunity to help others struggling with security monitoring. That’s when the idea for Blumira arrived: a company that makes security visibility, insights, and response radically easier for underserved IT and security teams, like the one he had managed.
These teams desperately needed security solutions tailored to their budgets and staff limitations. However, traditional SIEM tools were purpose-built for larger enterprises and failed to meet SMB needs. Using an enterprise-level SIEM felt akin to commuters taking a private jet from NYC to Newark—overly complex and costly.
Matt was determined to help by pioneering more accessible security solutions. At their MSSP, they developed a manual service consisting of log analysis where Amanda and Nick could identify potential customer security issues and flag them for further review. However, these manual processes were not sustainable. Customers needed more than just detection; they needed automated response capabilities and remediation guidance.
This sparked the founding vision for Blumira—to create automated threat detection and simplified incident response specifically for resource-constrained IT teams, addressing a critical issue known as the security poverty line. The security poverty line refers to the point at which organizations cannot afford the necessary tools and resources to adequately protect themselves against cyber threats.
The Spark of Innovation: Early Days (2017-2019)
The team’s goal was now clear: provide a SIEM plus detection and response solution purpose-built for small-to-midsize businesses that actually worked, that could be handled by small teams, and that provided the visibility that IT pros needed without the extra cost, noise, and tech tool learning curve.
The founders engaged in sleepless whiteboard sessions, intense debates, and countless pots of coffee as they worked their way across the complex chessboard, giving fodder to the revolutionary idea that would shape the earliest incarnation of Blumira.
In 2018, Blumira was officially named. Our team of thought leaders, visionaries, and technical gurus tirelessly pursued the mission: transform security operations for small-to-midsize businesses by removing the burden of complexity, constraints, and cost.
Our solution focused on three design pillars:
1. Ease of implementation
2. Not charging based on log ingestion
3. Speed and actionability of detections
Matt and team crafted the platform while developing a culture intent on simplifying security. We expanded the ranks by recruiting security practitioners and developers who were passionate about solving real-world problems. We also saw the first version of our product take flight in test mode. Soon we could glimpse into what the future held: revolutionizing the security industry.
Under the Hood: Creating our Novel SIEM (2019)
In the first production version, part of our mission was to automate the tasks typically assigned to level 1 SOC analysts. At other companies, these analysts often face challenges such as heavy workloads, limited resources, and inadequate training. We focused our efforts on several key aspects of the user experience to address these issues, providing IT teams with unparalleled visibility through automated log collection, retention, and enrichment.
Recognizing the importance of pre-built detection logic, we invested significant resources into developing comprehensive and tailored detection rules, setting ourselves apart from other SIEMs that rely on generic, one-size-fits-all approaches. By doing so, we eliminate the ongoing time, effort, knowledge, and cost burdens that customers often face after implementation, empowering them to allocate their resources more effectively.
Furthermore, we automated the analysis process, which is typically a manual and time-consuming task for level 1 analysts. This automation ensures consistent, accurate, and efficient analysis, reducing the potential for human error and allowing IT teams to focus on higher-level tasks.
To further support users, we developed and automated response playbook workflows that are linked to each specific finding. These workflows provide guided remediation steps for users of all skill levels, ensuring that they have access to the right information and support exactly when they need it most, regardless of their experience or expertise.
All of these combined enabled us to show industry leaders and peers that Blumira could put the theory into impeccable practice.
And…We’re Live! (2020)
By 2020, Blumira was ready to hit primetime and go to market. Just like the prestige television shows of yore, our going live was the product of years of tireless work to build out a product worth its salt—and that made good on its promise.
The result was a hiring boom. We quickly saw our wave of new “Blumers” enacting their expert-level capabilities as they made Blumira’s impact and service better than ever before. Even during the complex time of COVID, our impact rapidly grew in prominence, feasibility and reach.
We also expanded our ongoing data journey, collecting, parsing, and analyzing vast data to improve our platform and uncover threats with greater speed, efficiency and accuracy. We then saw our first customers join us and commit to strong, long-lasting partnerships.
The Big Blumira Boom (2021-present)
2021 was a pivotal year for us. With Series A funding secured, we streamlined delivery while growing our superstar developer and product teams.
2022 was a year of supergrowth. Our platform expanded to support 100+ data sources, sharpening our ability to detect and respond with greater speed and accuracy. That year, our teams also added an additional 150+ pre-built detections (today, we have over 600!) mapped to the MITRE ATT&CK® framework and achieved SOC 2 compliance certification.
Also in 2022, we released our Free version of Blumira to equalize the playing field for security teams and offer a window into how Blumira actually works—without the burden of paying first.
2023 saw a successful round of Series B funding, which allowed us to profoundly elevate the application of our insights and execution of our service. We continued to expand and mature detections, streamline incident investigation, add connectors to support more data sources, and build integrations with tech partners to enrich telemetry.
To the Future—and Beyond
Blumira strives to help all IT and security teams sleep easier at night. That’s why we built the necessary technology to create an accessible cybersecurity landscape. The future will see us doubling down on our commitment to customer success by creatively disrupting the security industry, providing solutions to organizations of all sizes.
At Blumira, our user-based pricing model offers predictable costs and comprehensive security coverage without data volume, integration, or features complications. Our team constantly seeks new insight and means to improve and expand our range of detections while streamlining alert investigation. Blumira emerged from a burned-out and frustrated security operations manager to the creation of a philosophy and methodology to implement and maintain a game-changing SIEM platform.
Don’t just take our word for it. Watch what problems Blumira can solve for you by getting a free demo.
More from the blog
View All PostsCloud-Delivered Security Analytics Rise
Read MoreSimplifying Incident Response: Announcing Blumira Investigate
Read MoreGuide: How to Replace Your SIEM
Read MoreSubscribe to email updates
Stay up-to-date on what's happening at this blog and get additional content about the benefits of subscribing.