
Defend Against Cloud Threats With Cloud Connectors

Written by Thu Pham | Jan 19, 2022 9:00:02 AM

Blumira has released Cloud Connectors, a new feature that enables small IT teams to quickly and easily set up cloud security in a matter of minutes.

Time to security is more critical than ever to detect and stop threats. Ransomware attacks continue to rise, increasingly targeting small and medium-sized businesses and service providers. As attack techniques evolve and breaches now take longer to detect and contain, the financial impact also increases, according to IBM’s Cost of a Data Breach 2021 report. Breaches that took more than 200 days to identify and contain resulted in 35% higher cost for impacted organizations, at $4.8 million on average.

To expedite our customers’ time to security for faster threat detection and resolution, we’ve introduced the fastest deployment for cloud security available in the industry today. 

Barriers to Cloud Security Success: Cost & Complexity

Until now, the cloud security monitoring, detection and response market has been too costly, complex and cumbersome to manage for organizations with small IT or security teams. 

One major deterrent to acquiring a SIEM solution is the implementation time, which can take 1-3 months and sometimes longer, according to G2’s estimates for top SIEM vendors. Many solutions aren’t designed to work right out of the box, with detections and tuning requiring additional development resources or available only as an add-on cost.

It’s no wonder that small and mid-sized organizations traditionally haven’t been able to access or afford these types of solutions, let alone have the time to trial or test a new security platform (who has months of extra IT time to spend on setting up a SIEM?). That can leave critical cloud security gaps that lead to ransomware and data breaches.

A Different Approach: Cloud Connectors From Blumira

Blumira is dedicated to making security accessible to all organizations by providing frictionless log collection, detection and response, with a deployment process intentionally built to reduce the time to security and burden on small IT teams.

Historically, we took a sensor-based approach to setting up log ingestion that required configuring an Ubuntu environment, which wasn’t ideal for Windows-based customers. While this deployment approach still brings the industry average for SIEM implementation down from months to hours, we knew we could provide even further value by shortening and simplifying cloud setup. 

We’ve designed a much easier approach for customers and partners to set up cloud applications with Blumira’s platform through Cloud Connectors — reducing setup time down from hours to minutes.

“The process of configuring the connector was straightforward – taking only 10 minutes or so.” 

— Naveed Khan, Ennovo Group (MSP)

Developed with a busy IT admin in mind, we’ve made it easy to:

  • Deploy Cloud Security, Even Faster: Set up cloud-based integrations in minutes without requiring any technical support or running anything on-premises, with readily-available links to our easy step-by-step documentation
  • Get Peace of Mind With Operational Visibility: Verify that an integration is configured correctly and that logs are being successfully ingested into Blumira’s service; see an inventory and status of all of your cloud integrations
  • Easily Manage Cloud Configurations: Modify the configuration of a cloud integration (delete, deactivate, reactivate)

Cloud Connectors is currently available for Microsoft 365, Google Workspace, SentinelOne, Webroot, Mimecast, Duo Security, Cisco Umbrella, Sophos, JumpCloud, and OneLogin; we are actively working on building new integrations to support additional cloud services.

How Does It Work?

Watch this quick one-minute video to learn how to set up a cloud integration and start sending logs to Blumira’s platform for automated detection, response and reporting.


How To Set Up Cloud Connectors 

Cloud Connectors ingests log data directly from third-party APIs for fast and easy setup of Blumira’s platform with your cloud applications.

First, you’ll need to request API keys from your third-party cloud application: Integration Key, Secret Key, and API Hostname. Once you have those, you can begin the integration setup with Blumira’s app.

Navigate to Infrastructure > Cloud Connectors, located in the left-hand navigation of the Blumira app.

Click + Add Cloud Connector at the top.

Choose your cloud application – Microsoft 365, Google Workspace, SentinelOne, Webroot, Mimecast, Duo Security, Cisco Umbrella, Sophos, JumpCloud, and OneLogin are currently available.

Fill out the name fields, then copy and paste in your secret keys. 

Click Connect, and you should see a status indicator (Online, with a green dot) that tells you when you’ve successfully configured your cloud application and are sending logs to Blumira’s service. 

That’s it! Now Blumira’s platform will start analyzing your logs for indicators of threats and attacker behavior, and send you detailed findings and playbooks on how to respond.

Easy to Deploy, Use and Manage

Cloud Connectors provides the fastest log collection, detection and response setup in the industry. Combined with our pre-tuned detections, customers can leverage Cloud Connectors to automate and accelerate their time to security. 

We’re committed to making security as fast, easy and approachable as possible for organizations of all sizes. Please contact us with any feedback or questions – we’d love to hear from you! If you’d like to try it, sign up for a free SIEM today.