    June 12, 2024

    May 2024 Product Release Notes

    Release Notes Summary

    In May, we announced new subscription options for folks who are currently on our Free SIEM edition and want the ease of monthly commitments with the benefits of features like Blumira Agent and Security Operations and Technical Support. We also added a 1Password integration to our growing list of Cloud Connectors, and improved how new Microsoft 365 integrations are validated to ensure long-term stability.

    Feature and Platform Updates

    • Self-Service Subscriptions: Organizations currently on the Free SIEM edition who want the ease of purchasing and managing billing options directly in the app without a large annual commitment can upgrade to SIEM Starter or SIEM Starter + Compliance, detailed here. To review the new options in the app, navigate to the Billing page (Settings > Billing) and then update your subscription and billing information in Blumira if interested.
    • New Cloud Connector: Our new 1Password integration helps you collect and centralize your password manager logs to increase your visibility of activity and meet compliance needs.

    Detection Updates

    Log Type: SonicWall Traffic
    Detection: SonicWall: Login Failure
    Details: We deprecated this original indicator detection rule and replaced it with the windowed detection rule described below. This original rule was generating findings with excessive numbers (many thousands) of rows of evidence, which led to crashes and prevented finding resolution in the app.

    Log Type: SonicWall Traffic
    Detection: NEW - SonicWall: 5 or More Login Failures in 15 Minutes
    Details: This new windowed detection rule replaces the “SonicWall: Login Failure” rule. It triggers a finding when there are five or more login attempts that fail on a device within a 15-minute window.

    Log Type: HTTP Access (Apache/IIS/NginX)
    Detection: ConnectWise ScreenConnect SetupWizard Authentication Bypass CVE-2024-1709
    Details: We lowered the priority of this detection from a P1 to a P3 Threat.
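
The difference between the deprecated per-event rule and the windowed rule can be seen in a short sketch. This is an added example, not Blumira's rule code: the key=value log layout, the field names, and the choice to fold a continuing burst into a single finding are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
# Constructed sample events in a made-up key=value layout (not SonicWall's syslog format).
SAMPLE_LOG = """\
2024-05-14T09:00:05 device=fw-01 event=login_failure user=admin
2024-05-14T10:00:00 device=fw-02 event=login_failure user=svc-backup
2024-05-14T09:01:10 device=fw-01 event=login_failure user=admin
2024-05-14T09:02:30 device=fw-01 event=login_failure user=root
2024-05-14T09:03:00 device=fw-01 event=login_success user=jdoe
2024-05-14T09:04:00 device=fw-01 event=login_failure user=admin
2024-05-14T09:06:45 device=fw-01 event=login_failure user=admin
2024-05-14T09:09:20 device=fw-01 event=login_failure user=admin
2024-05-14T10:05:00 device=fw-02 event=login_failure user=svc-backup
2024-05-14T10:10:00 device=fw-02 event=login_failure user=svc-backup
2024-05-14T10:14:00 device=fw-02 event=login_failure user=svc-backup
2024-05-14T10:40:00 device=fw-02 event=login_failure user=svc-backup
"""

def parse(line):
    ts, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    fields["ts"] = datetime.fromisoformat(ts)
    return fields

def windowed_findings(log_text, threshold=5, window=timedelta(minutes=15)):
    """Return one finding per device per burst of >= threshold failures in the window."""
    recent = defaultdict(deque)  # device -> failure timestamps still inside the window
    open_finding = {}            # device -> finding that a continuing burst updates
    findings = []
    events = sorted(map(parse, filter(str.strip, log_text.splitlines())), key=lambda e: e["ts"])
    for e in events:
        if e.get("event") != "login_failure":
            continue
        dev, ts = e["device"], e["ts"]
        q = recent[dev]
        q.append(ts)
        while ts - q[0] > window:        # expire failures older than the window
            q.popleft()
        if len(q) < threshold:
            open_finding.pop(dev, None)  # burst ended; a later burst is a new finding
        elif dev in open_finding:        # same burst: grow the count, not the finding list
            open_finding[dev]["last_seen"] = ts
            open_finding[dev]["failures"] += 1
        else:
            f = {"device": dev, "first_seen": q[0], "last_seen": ts, "failures": len(q)}
            open_finding[dev] = f
            findings.append(f)
    return findings
```

On the sample data, `windowed_findings(SAMPLE_LOG)` returns a single finding for `fw-01` that summarizes six failures, while `fw-02` produces none because its fifth failure falls outside the 15-minute window.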

    Bug Fixes and Improvements

    We added clear messaging in the Blumira Investigate results window when there are no results for the search so users are not left wondering whether the page is blank due to a loading error.

    We released several improvements to error handling during the configuration of M365, SentinelOne, Google Workspace, and OneLogin Cloud Connectors. Users now see actionable errors and troubleshooting help when a new integration fails to connect.

    April Release Notes

    In case you missed the April updates, you can find and review those notes here.
