Customer Story: NineStar Connect Cuts Alert Resolution Time in Half with SOC Auto-Focus

NineStar Connect

NineStar Connect is a community-based utility cooperative and managed service provider offering IT, network, and cybersecurity services to organizations throughout Indiana. Its integrated approach sets it apart from traditional MSPs, giving businesses a one-stop partner for reliable infrastructure and strengthened security.

The Challenge: Manual Log Review Slowing Investigations

Travis Short is the SOC Analyst on a two-person security team at NineStar. His day-to-day includes monitoring and investigating alerts across multiple platforms, from SharePoint and Teams to Duo and beyond.

Short often had to manually review SharePoint logs and other platforms to find the root cause of security alerts. While many alerts are routine, more complex ones demand extra time and technical interpretation. Short sometimes relied on tools like ChatGPT, but this added steps and context-switching, slowing down investigations.

“When I use AI day-to-day outside of Blumira, it’s a lot of ‘write a PowerShell script,’” Short said. “For [an alert] that seems out of the norm, I would ask ChatGPT or a Copilot if I was really stuck because it would take a lot of effort to get through that.”

The Solution: Auto-Focus, a Built-in Shortcut and Force Multiplier

To improve efficiency, Short adopted Blumira’s SOC Auto-Focus feature, which quickly became his go-to shortcut. Instead of toggling between multiple platforms or external AI tools, he now relies on Auto-Focus, within the Blumira platform, to assist with more unique alerts that don’t surface every day.

“With Auto-Focus I can speedrun [investigations] because it's just a click of a button. It can be a timesaver and a good place to start,” Short said.

Auto-Focus makes complex alerts easier to understand, presenting findings in plain-English summaries with investigation steps tailored to NineStar Connect’s environment.

““It's great for specific alerts you don't understand and translates them into like human readable content that provides more context," Short said. “Auto-Focus bridges technical knowledge that I’d have to look up manually, like ‘how do I do this in PowerShell or how do I create a loop?’ It bridges that gap much quicker than me Googling.”

Instead of manually searching logs, Auto-Focus points Short directly to the right resource.

“[Auto-Focus] automatically gives you a link to where you should be looking in SharePoint to understand the impact,” Short said. “It's not taking me to a generic SharePoint link or guide, it's taking me straight to our instance of SharePoint in the [NineStar Connect environment] so I can copy and paste that URL into a browser.”

Auto-Focus has become both a time-saver and a confidence booster for NineStar Connect’s SOC team, with a direct impact on key metrics like Mean Time to Identify and Mean Time to Respond. Whether investigating SharePoint activity or generating PowerShell examples, it gives Short the clarity he needs to move quickly and confidently.

“It probably cuts the amount of time I spend actually investigating an alert in half,” Short said.