Now Available: Bulk Rule Management For MSPs

To all our MSPs: You’ve asked for this feature and we wanted to get it into your hands as early as possible! We will continue to refine it based on your feedback – please reach out to our team at ideas@blumira.com.

As an MSP administrator, you're extremely busy managing multiple client accounts with limited time to spend on one security tool. With that in mind, Blumira has released Bulk Rule Management, a feature of our MSP Portal that increases visibility into all detection rules, while saving you time managing and configuring detections across all of your client accounts. Bulk Detection Rule Management is a necessary building block towards Bulk Detection Filter Management which will be released in 2025.

Within the MSP Portal, MSPs can now:

• Set a default state for detection rules, overriding the Blumira default for newly onboarded accounts
• Bulk enable or disable detection rules across accounts
• See all potential detection rules in one place (not only ones for log types sent)

 Use preset filters to sort your list of rules:

• Findings past 24 hours
• Created in the past month
• Blumira or custom default state
• Default enabled or disabled
• Enabled or disabled for account
• Different from default state

Access this feature from your MSP Portal > Bulk Actions. Log into app.blumira.com to walk through how the feature works.

In the MSP Portal > Bulk Actions menu, you'll find key information about your detections, such as:

• A list of all potential detections in the platform, even if you aren't sending that type of data yet
• Total amount of findings from each detection across all of your accounts
• Count of both enabled and supported accounts
• Blumira's default state of each rule at time of deployment to the account
• Creation date of every rule, so you know which rules are newly added to the app

Blumira’s Incident Detection Engineering (IDE) team manages the detection rules that power Blumira’s platform to identify indicators of compromise early and often for our customers. They:

• Conduct threat hunting & release new detections every week
• Ensure actionable findings are sent within minutes (or less) of initial detection for the fastest response times

Use these preset filters to sort the list of rules:

• Findings past 24 hours
• Created in the past month
• Blumira or custom default state
• Default enabled or disabled
• Enabled or disabled for account
• Different from default state

Bulk enable or disable a detection rule across all accounts in just a few easy clicks.

Click on the checkbox at the top of the table to select all rules listed on the page, or select all rules, then click either Enable or Disable to bulk change the state of all the selected rules.

To update a single rule’s settings across multiple accounts, click on the detection rule in the list, then select Rule Details from the pop-up list of options.

On the Detection Rule window that pops up, select Accounts, the tab on the right. This will display a list of all supported accounts that you can disable rules for, based on the needs of your different customers.

Learn more about using Bulk Rule Management in our support article.

Automation to Save MSP Time Spent Managing SIEM

At Blumira, we listen to your needs and work to deliver solutions that prioritize automation and ease of use for MSPs that manage many different customer accounts. See our MSP reviews from Channel Partner Program:

“Blumira is a great service that does exactly as it says it will. The UI is simple and easy to use while still offering plenty of flexibility.” – Logan McCarthy, Security Systems Administrator, AllSafe IT

"Blumira has been easy to work with, MSP friendly, and their tech support is solid and responsive. The product itself is easy to install and configure, and you can create custom rules to really fit your environment to reduce the noise." – David Johnson, VP of Sales, The Fulcrum Group, Inc.

Request a free NFR account to try out Blumira’s MSP Portal features or book time with the MSP team to learn more. Reach out to us if you have any feedback or questions at msp@blumira.com.