January 26, 2024

Blumira Product Updates: 2023 Review and What’s Coming in 2024

2023 Feature Roundup

At Blumira, it’s our business to pay attention. So when it comes to enhancing the Blumira security information and event management (SIEM) solution, we listen to customers and we watch what attackers are up to. Blumira is built for small and mid-sized businesses (SMBs) and their service providers, and customers are telling us they need a robust security platform that saves time for busy IT teams. Cyber criminals are continually evolving their tactics, and that means we need to stay ahead of threats and potential vulnerabilities.

With input from both the good guys (you!) and the bad guys (whether they know it or not), Blumira rolled out a number of valuable platform enhancements in 2023. Jim Simpson, Blumira CEO, explains the approach: “We think a lot about how technology can do more on part of the operator. After all, technology is supposed to make our lives better, not worse.” That’s why this year Blumira has focused on enhancements that expand detection, automation, compliance, and reporting.

A Summary of 2023

Blumira Agent

Blumira has historically monitored environments through sensors and cloud connectors
In an ever growing remote and hybrid work world, more and more SMBs need to have visibility into, and to provide protection to remote devices
Last year, we added Blumira Agent, which allows remote monitoring and protection for all Windows, Mac, and Linux devices
Value: overall, this expands visibility and protection for organizations who have a full or semi remote workforce

Automatic Host Isolation (AHI) has been added to the Blumira XDR platform edition. AHI enables automated action within an organization’s Blumira account to make responding to security threats simultaneously faster and easier for end users. More specifically, when a Blumira Agent monitored device uncovers a suspicious finding, AHI automatically isolates that device from the network. The specifics of what level of threat triggers such automated action can be customized within the Blumira App.

This can stop the spread of malware and ransomware, protecting your environment until an administrator has time to address the issue. AHI keeps a historical administrative log that shows the devices that have been isolated and the actions taken, whether they’ve been done manually or automatically, so that you have full visibility into any isolation events on all of your devices.

New data sources expand the threat coverage available from Blumira. New integrations include Webroot, a cloud-based antivirus and anti-malware software solution, and pfSense, our tenth firewall integration. pfSense is used to catch risky connections from public IPs as well as activity related to known threat sources. Over 200 integrations are available in every edition of Blumira, including the free version.

Categorization and system notifications make life easier. Blumira separates findings by the type, so you’re not faced with a long, messy list. You can now assess whether findings are an imminent threat or something less critical, so your team can focus on the most important ones first. Another potential threat is a loss of visibility. Blumira now includes system notifications that alert you when a sensor on the platform goes offline. With the right information, the Blumira team can help you get up and running faster.

New detections are on the lookout for emerging threats. In 2023, Blumira added 60 new detections and hundreds of associated rules. Our detection engineering team is continuously researching the latest attack techniques, writing rules and testing them against real data in Blumira’s cloud-based solution to deliver enhancements that provide real value.

This just in!

CEO Jim Simpson and Brett Bzdafka, Principal Product Manager at Blumira, rolled out some exciting new features in their end-of-year product roundup. The webinar explains how these new features will benefit you and your organization:

Executive Summaries are clear, colorful reports that can help you demonstrate the value of Blumira to stakeholders all the way up to board level. Blumira Executive Summaries highlight how data ingestion and log storage is unlimited, so you’re getting the best possible security insights without additional costs. The summaries show a 12-month look-back with threats broken down by category so they can be understood in context. And there are options to show your resolution rate, add a logo, or write a brief synopsis of findings.

Compliance reports make it easy to respond to audit requests. Blumira now has 24 saved reports based on National Institute of Standards and Technology (NIST) 800-171 requirements, and 41 reports formatted for the International Organization for Standardization (ISO) 27001 compliance framework. Reports are easy to access in report builder and they automatically populate with relevant information, saving you days or possibly weeks of time.

Google Workspace integration has been migrated from a sensor to a cloud connector based on customer requests, and it is now available in all paid Blumira Editions.

Blumira Agent can now collect logs from Mac and Linux endpoints in addition to Windows, providing broader visibility across your entire environment. This allows you to step up security for remote workers on more platforms.

The Year Ahead

New features on the Blumira roadmap are slated for Spring and include improvements in our XDR Platform that will make it easy to search for findings related to a specific user, IP address, or endpoint. The search will produce data visuals that illustrate an incident from end to end, helping to speed investigation so IT teams can quickly respond to close security gaps.

For managed service providers (MSPs), Blumira is working on integrations with professional service automation tools (PSAs) so they can optimize efficiency and workflows. The first professional services automation (PSA) integration will be with ConnectWise. Billing is also being automated so MSPs can focus on security rather than paperwork.

At Blumira, the feedback we get from customers helps us refine features, prioritize development, and adjust our roadmap so it continues to meet your evolving needs while keeping your organizations protected against the latest threats..