You asked for it and we’ve delivered – Blumira’s Executive Summaries are now automatically available for all customers on SIEM+ and XDR Platform; no need to run any reports manually.
Blumira’s Executive Summaries immediately show security value to your C-level, key stakeholders, financial decision-makers and others. The easy-to-understand, colorful reports give you a high-level overview of:
- How much money you’re saving with Blumira’s unlimited data ingestion and log storage (vs. thousands of dollars every month you would spend with other SIEM vendors)
- The level of risk in your environment, with a view of how many and what kinds of threats Blumira has identified in your environment by analyzing your log data
- Trends over time, with a look back at your previous 12 months of data
- How many suspected threats were resolved, with the option to toggle this information on and off for each report
Giving your stakeholders insight into Blumira’s cost savings and value-add on a monthly or quarterly basis is easier than ever with Blumira’s Executive Summaries. The reports are automatically generated in your Blumira application and can be sent to recipients directly.
What You Asked For
“Main driver behind it is that I need something to show that what they’re paying for is worth it.” – Manager of Cybersecurity Services, Partner
“Smaller guys don’t really see the value in it, they’re not being hacked. If we can show them how it’s going to benefit them, then that’s super helpful.” – MSP
“Right now it is difficult for us to natively export the story of what Blumira is doing, and show that to leadership.” – CISO, Computer Software
We get it – it can be difficult to get visibility into what Blumira’s doing behind the scenes, if you don’t have regular findings or threats that pop up in your environment, alerting you on a regular basis from our platform.
But there’s a lot the different teams at Blumira orchestrate smoothly in the background so you don’t have to worry about it – and it might be difficult to fully communicate the breadth of our heavy lifting to your key executives.
Here’s a look at what we’re doing behind the scenes to create a seamless, easy user experience for our time-strapped SMB customers, partners, and MSPs:
Dedicated onboarding and ongoing check-ins – Our dedicated Solution Architects (SAs) walk you through onboarding and troubleshooting of any setup issues. They continue to provide value to your team with regular check-ins and updates about the latest platform and security innovations to help continuously improve your security posture.
Parsing and building new integrations – Our engineering team writes new parsers for integrations and maintains existing ones to update them when data types change. This normalizes and standardizes the data as it is collected into Blumira’s platform for automated threat analysis, detection and response.
Writing clear and useful documentation – Our CX team works closely with our engineering team to understand and document the steps in a clear, easy-to-understand support article available on Blumira’s support website to help IT teams quickly set up integrations, test that logging and detections are working properly, configure filters, run reports and much more.
Managing detections and threat hunting – It would require at least two FTE (full-time employees) with security analyst experience for detection rule development and threat hunting. Blumira’s Incident Detection Engineering team stays on top of the latest vulnerabilities and security events, writing and managing our rules that are automatically rolled out to our platform at scale.
Keeping the platform reliable and scalable – One of the perks of using a cloud-based software-as-a-service (SaaS) platform is taking advantage of the fact that your provider maintains the reliability of the solution and all of the backend infrastructure required to ensure it runs smoothly, day to day.
24/7 responsive security support – Our responsive, experienced security team is on standby when you need help the most. Extend your team with the support of our Security Operations (SecOps) team available 24/7 for critical priority issues, to help answer security questions, troubleshoot, and more. Your team can message them directly in-app, email or call.
What You’re Getting With Executive Summaries
Blumira’s Executive Summaries starts with an overview of your environment – how much data Blumira’s platform analyzed, how many security findings Blumira detected, and how many were determined to be actual threats, prioritized as P1.
The amount of data analyzed is often used to determine pricing. Many other SIEM providers may charge you by the amount of data you send to their service (also known as ‘pay-as-you-go’), which can be problematic for a few reasons:
- Costly – Charging by ingestion amount really adds up over time as your environment grows. Microsoft’s pricing calculator for 500GB/day amounts to $43,824 for 30 days or $525,888 a year (and that’s at a discounted rate).
- Unpredictable – It’s hard to budget for as your data needs fluctuate from month to month based on user, network and app activity or unforeseen changes in your tech stack.
- Limits visibility – Without analyzing your full dataset (and having to make financial decisions about limiting your data based on costs), you may miss indicators of a compromise.
Blumira’s pricing model is per knowledge worker at your organization to help SMBs predictably budget for their security costs. There’s no limit on the amount of data you send to Blumira’s platform for analysis, detection and response to give you the greatest visibility into your environment.
By adding more sources, you can increase your ability to detect potential threats across your entire environment. While some large vendors (Microsoft) often pressure you to adopt their own tooling, Blumira’s platform integrates with your current tech stack to centralize your data and get the most out of your existing investments.
A ‘finding’ is when Blumira’s platform identifies a match in your data to our detection rules, written to identify anomalous activity that could be an early sign of an attack, or of an attack in progress.
It would require at least two FTE (full-time employees) with security analyst experience for detection rule development and threat hunting. Blumira’s Incident Detection Engineering team stays on top of the latest vulnerabilities and security events, writing and managing our rules that are automatically rolled out to our platform at scale. Behind the scenes, Blumira is doing the work required to keep your organization safe.
By categorizing and prioritizing the findings by level of criticality, we help your team understand what needs immediate attention so they can take quick action. For example, a high priority (P1) threat (an event that Blumira has determined with a high level of confidence poses an immediate and real threat to the security of data or resources) requires your team to take steps immediately to remediate.
Your top detection categories are also listed out to give you an idea of the types of findings and threat-like or risky activity occurring in your environment.
Finally, the top 10 suspected threats are also listed out, based on the number of findings generated by your data. The name of the findings or detections are also included, as well as finding priority level and the percentage of findings that were resolved.
Making Security & Compliance Easier For SMBs
Blumira is dedicated to making security easy and available to small and mid-sized businesses.
Part of the drivers of security include meeting compliance requirements that help prove your adherence to frameworks like NIST 800-171. Blumira recently released new reports that users can run, schedule and send to their inboxes regularly to help verify their compliance with certain controls, including:
- 3.1 Access Control — Any unauthorized access attempts, user permissions and roles, privilege escalations, VPN connections and more
- 3.3 Audit & Accountability — Proof of log data retention over a certain period of time
- 3.4 Configuration Management — All configuration changes made to systems and devices
- 3.14 Malware Detection — All instances where anti-malware tools detected malware
That way, when you need to prove your compliance to an auditor, you can easily hand over Blumira’s time/date-stamped reports.
This feature is available to all paid Blumira customers and can be found by navigating to Reporting > Report Builder, clicking Load Saved Report and typing “NIST” into the search box.
There’s a few different ways you can get started with Blumira:
- Free SIEM – Choose up to 3 cloud integrations, set up in minutes, send logs to Blumira and start seeing security value right away. Our Free SIEM gives you a limited version of our product with 14 days of data retention.
- Try SIEM + XDR Free – Get a trial of Blumira’s XDR edition up and running to experience the complete SIEM, endpoint visibility and automated response platform.
- Get a Demo – Not ready to try Blumira yet? Contact our team to speak with a representative and walk through a demo of Blumira’s XDR Platform to get all of your questions answered.