While the majority of SMBs (small and mid-sized businesses) are running on the Microsoft Windows operating system, Apple Mac usage has risen in popularity in recent years. Mac laptop usage rose 63% during the pandemic, with the trend resulting in more mixed Mac and Windows deployments (Computerworld). Likewise, we’ve heard from our customers that they had a strong preference for more Mac and Linux detections and the ability to send logs from remote endpoints running these operating systems.
Blumira’s SIEM + XDR solution pulls in data from many different sources – including firewalls, endpoints, cloud applications and infrastructure, servers, and more – analyzing logs for the detection of threats, while providing playbooks and automated response options. We released the ability to use Blumira Agent to collect logs from Windows endpoints in early 2022, providing advanced detection and automated response, including the ability to immediately isolate endpoints.
Now Blumira Agent can collect logs from additional Mac and Linux endpoints, supporting devices running on all different operating systems. Blumira simplifies an IT administrator’s ability to use one platform to monitor all devices for the security of their organization, making security easy, effective and efficient for lean teams.
Benefits of Blumira Agent Across All Platforms
The more data we can analyze, the greater our visibility into potential threats. Blumira Agent is one way to collect additional data from remote endpoints and send it to Blumira’s SIEM for threat analysis.
This allows us to detect and respond faster and earlier to help prevent malware infection, including ransomware, or data breaches.
Blumira correlates endpoint data against many other data sources to identify threats earlier that other tools may miss (like standalone endpoint detection and response (EDR) products).
Overall benefits include:
- Security coverage for work-from-home employees & all remote endpoints across Windows, Mac & Linux
- Broader visibility into remote endpoint risks; detect and quickly remediate threats
- Contain the spread of ransomware by automatically isolating affected endpoints
- Frictionless installation in minutes requires no sensor or on-prem infrastructure
- Easily satisfy compliance and cyber insurance requirements for data retention, SIEM and endpoint security with Blumira
What you can do — the value you get from Blumira Agent:
- Save time managing & monitoring your devices with one platform
- Detect threats that other tools may miss by comparing data across entire environment, not just endpoint
- Respond automatically by isolating devices during off hours, keeping your business safe 24/7
- Easily manage all devices & see their agent status (off/online/isolated) in one platform
- Streamline security workflows by accessing associated logs & findings within Report Builder
With automated response capabilities, your team can have around the clock coverage without requiring any manual intervention. Automated Host Isolation will immediately contain an endpoint associated with a priority finding until you have time to investigate further.
How Can I Install Blumira Agent For Mac & Linux?
It’s easy to install agents across additional endpoints in your environment. Blumira allows you to generate a custom script in-app, then use that to quickly install Blumira Agent on your endpoints.
Navigate to Blumira Agent within the app menu, then select Installation. Choose Create new installation key, then select the desired platform. Copy your custom installation script below after it appears in the box.
Then you’ll need to run your script. The steps you take to run it will vary based on the operating system you chose.
- For Windows, you can paste the script into an elevated PowerShell prompt, then press enter to complete installation automatically.
- For Linux, you can paste the script into your Linux terminal, then press enter to complete installation automatically.
- For Mac, you can paste the script into your Terminal and then follow these instructions.
See all additional support articles on using Blumira Agent, automated host isolation and more.
Coming Soon: Mac & Linux Detections
Stay tuned for the upcoming release of new detection rules to help you identify and respond to different types of anomalous behavior, including:
- Elevation of user privileges to admin privileges, used by attackers to conduct malicious activity
- Suspicious changes to files that could be used to launch malware, or result in leaked data
- Shutting down of logging services and hidden file creation and execution, used to evade detection
And much more, including 2 global reports.
Note: actual detections may vary after initial testing and tuning by our incident detection engineers.
Easy to Install & Detect Threats
“It was very easy. I followed the step-by-step guides for a couple of my clients; deployed the server, followed the guide and did it – no problem. I deployed to endpoints with the RMM tool and used Blumira’s script. It was easier than I thought and I was happy with that.
Blumira Agent is on a handful of machines right now. It alerts me when it detects potential threats and is great for endpoints that aren’t directly attached to the corporate network.”
– Frank DeLuca, President, The CTO Agency
Blumira Agent: Available in SIEM+ and XDR Platform Editions
Reach out to us if you’d like a custom quote and learn more about our pricing to help meet your organization’s needs. If you’ve been waiting to try out our SIEM+ or XDR Platform editions (Blumira Agent included), now is a great time to get a free trial or upgrade – contact us to learn more.
Thu Pham
Thu has over 15 years of experience in the information security and technology industries. Prior to joining Blumira, she held both content and product marketing roles at Duo Security, leading go-to-market (GTM) and messaging for the portfolio solution Cisco Zero Trust. She holds a bachelor of science degree in...
More from the blog
View All PostsCustomer Story: Girl Scouts of Southeastern Michigan
Read MoreCustomer Story: Mid-Sized Manufacturing Firm
Read MoreDetect and Respond to Azure Threats With Blumira: Easy Cloud SIEM Setup
Read MoreSubscribe to email updates
Stay up-to-date on what's happening at this blog and get additional content about the benefits of subscribing.