SIEM & XDR Security

Priced by knowledge worker + additional endpoints to help you predict your budget. Save thousands every month with unlimited data. Contact us for a custom quote.

unlimited users
Sign Up Today

Access to everything below, for free:

14 days retention
Choose 3 cloud integrations**
Log collection & threat analysis
Managed detections & rule insight
Response playbooks
Dashboard summary & basic reporting
Notifications (voice, email & text)
$12 per user per month
Contact Us

Everything in Free
SIEM, plus:

30 days retention
All cloud & sensor integrations
Detection rule management & detection filters
Manual dynamic blocklists
Advanced dashboards & compliance reports
Customer support (9am-8pm ET)
$18 per user per month
Contact Us

Everything in SIEM
, plus:

1 year retention
Endpoint visibility & response
Manual host isolation
Emergency after hours support (24/7 for critical issues)
Executive Summaries
NEW Blumira Investigate
$24 per user per month
Try XDR Free

Everything in SIEM+, plus:

1 year retention+
Endpoint visibility & response
Automated host isolation
Automated blocking (for dynamic blocklists)

Volume/nonprofit discounts available.
Contact sales for custom quote.

Compare SIEM & XDR Editions

Easily meet compliance with SIEM data retention, security reporting, 24/7 SecOps and more.

Choose 3 cloud integrations & set up a SIEM in minutes
Expand coverage to all integrations & get SecOps support
Satisfy compliance w/1 year retention & support remote work
XDR Platform
Detect & respond faster w/ SIEM + endpoint visibility + automated response
Data Ingestion
Data Retention
14 days
30 days
1 Year (Helps With Compliance)
1 Year (Helps With Compliance)
Long Term Storage Option
Available (Helps With Compliance)
Cloud Integrations
Pick 3: Microsoft 365, Google Workspace, SentinelOne, Webroot, Mimecast, Duo Security, Cisco Umbrella, Sophos, JumpCloud or OneLogin
Sensor Integrations
Endpoint Visibility + Response – Blumira Agent
1 per knowledge worker, additional available
1 per knowledge worker, additional available
Log Collection
Threat Analysis
Managed Detections
Detection Rule Insight
Detection Rule Management
Detection Filters
Response Playbooks
Manual Host Isolation
Manual Dynamic Blocklists
Automated Host Isolation
Automated Blocking (for Dynamic Blocklists)
Dashboard Summary
Advanced Dashboards
Basic Reporting & Limited Compliance Reports
Advanced Reporting (Includes All Compliance Reports)
Executive Summaries
Investigate & Visualize Data
Notification & Support
Notifications (Voice, Text & Email)
Email only
Customer Support (9am-8pm ET)
Emergency After Hours Support (24/7 for critical priority issues)
Deception Technology

MSP pricing and packaging will differ. Contact [email protected] for more details.
*Subject to our Terms and Conditions.
*Free SIEM can choose up to 3 cloud integrations: Microsoft 365, Google Workspace, SentinelOne, Webroot, Mimecast, Duo Security, Cisco Umbrella, Sophos, JumpCloud, OneLogin

See FAQ for more information on knowledge workers (it does not refer to the number of users or admins with Blumira accounts).
Pricing is contracted on an annual basis.
Additional endpoint agents available.

Real Customers Solving Real Problems

"I didn’t have the budget to spend on partnering with a managed SOC provider. All of the solutions we looked at required a long-term commitment with a high barrier of entry. I was looking for something new and different from the Splunks and AlienVaults of the world -- a solution that focused on the user experience and security relationship."

John Hwee

Director of IT

"Blumira is at least 50% -- if not more -- affordable compared to some of the other solutions. I would definitely recommend Blumira to other companies looking to increase their visibility into the security of their networks."

Ethan Shutika

Director of IT and Security

"We like that Blumira is user-friendly and we don’t need a dedicated security analyst to maintain it. For some of the other solutions, it would probably require us to have two security analysts on staff. Blumira is well-worth the money."

Mike Morrow

Technical Infrastructure Manager

Frequently Asked Questions

What can I expect with Blumira's Free SIEM edition?

Choose up to 3 cloud integrations – Microsoft 365, SentinelOne, Webroot, Mimecast, Duo Security, Cisco Umbrella – to start streaming logs to Blumira’s platform for advanced threat detection and response. Get started in minutes with: What to Expect With Blumira’s Free Edition & Free SIEM: Now With More Cloud Integrations!

How can I protect my full tech stack?

SIEM Pro provides integrations and coverage for all cloud and on-prem, including Windows Server, firewalls, identity and more. SIEM + Endpoint Visibility and XDR Platform expands your coverage to include remote Windows endpoints.

How do I switch to a different plan?

Reach out to your Blumira account representative or dedicated Solution Architect to help assist you with any plan changes.

What do I need to help meet compliance?

While compliance regulations may vary, most industry standards and upcoming cybersecurity insurance mandates often require at least one year of data retention for audit trails, log monitoring, investigation and incident response. Blumira’s SIEM+ edition helps you meet many compliance controls, while the XDR platform gives you options for longer data retention.

What defines a knowledge worker?

Pricing is based on the total number of knowledge workers in your organization (it does not refer to the number of users or admins with Blumira accounts). A knowledge worker is an employee with a corporate email address and workstation/device (may not include number of factory workers or students at a university).

This helps us determine a more accurate estimate of the amount of data you are sending to our platform.

Is there a knowledge worker minimum?

There is a 10 knowledge worker minimum for each paid edition. Free SIEM comes with unlimited users.

How do you provide support?

Customer support is available for paid editions only. Your team can contact our support directly in the Blumira app, by email or calling our support line. For SIEM+ and XDR Platform, Blumira provides emergency after hours support 24 hours, 7 days a week for critical priority issues. 

Is there a contract term?

Our contract terms are on an annual basis.

How can I purchase Blumira Agent?

SIEM+ comes bundled with 1 Blumira Agent per user, with the ability to purchase additional agents. XDR Platform comes bundled with 1 Blumira Agent per user, with the ability to purchase additional agents. MSP pricing and packaging will differ – contact [email protected] for more details.

Still have questions?

If you don't see what you're looking for above, please reach out. We're happy to help!