Blumira, a cybersecurity provider of automated threat detection and response technology, today launches Detection Filters, a feature that empowers small and mid-sized business (SMB) customers to customize detection rules based on their organizations’ needs.
Customized detection rules reduce the number of noisy alerts, so small IT and security teams can focus on critical and priority alerts to prevent breaches and ransomware attacks.
According to Orca Security research, nearly 60 percent of IT professionals receive more than 500 daily cloud security alerts, and alert fatigue causes 55 percent of these organizations to miss critical threats. Blumira’s Detection Filters helps organizations reduce false positives, or alerts triggered by known safe activity, and automates the prioritization of findings so small teams can focus their attention on legitimate threats for faster time to resolution.
“Many SMBs and mid-market organizations have small IT teams, and too many alerts from multiple tools lead to alert fatigue – distracting teams from critical threats and negatively impacting organizational security,” said Matt Warner, CTO and co-founder of Blumira. “We designed Blumira’s Detection Filters to help them easily tune detections and prioritize findings unique to their environments so small teams can stay focused on real threats.”
To enable small teams to focus on anomalous detections, users can edit their organization’s detection rules to exclude alerts triggered by known legitimate traffic or users. Organizations can customize these filters to exclude certain users or IP addresses from findings, freeing up time and effort that IT teams would otherwise spend combing through irrelevant alerts.
Small teams benefit from Blumira’s automatically prioritized findings, organized from Priority 1 (P1) to Priority 3 (P3), that recommend when to respond: immediately, within the next day, or within the next few business days. Blumira’s SecOps team helps provide guidance and security expertise, and each finding comes with playbooks to walk IT teams through how to respond.
Detection Filters is included with the advanced edition of Blumira’s self-service cloud security information and event management (SIEM), offering detection and response with a variety of cloud and on-prem integrations.
To learn more, join an upcoming live demo with Jack Robb, Senior Solutions Engineer, at 1 p.m. (ET) on September 22 to dive into Blumira’s product and learn about the features and capabilities of Detection Filters. For more information, visit https://www.blumira.com/detection-filters-for-custom-rules/.