At scale, people can create cascading problems and the best way to mitigate these problems is through validation and intentional efforts. As a security organization, Blumira has maintained that to be easy to use, we must also be trustworthy and ensure that our work meets the expectations of all users. Like many organizations, Blumira is SOC 2 Type 2 compliant, but providing a robust service that maintains a high quality of stewardship for its customers must go beyond mere compliance.
Blumira’s team of engineers is committed to ensuring our platform and infrastructure are reliable and secure to best serve our customers and partners, with the following practices:
By protecting log data both in transit and at rest, Blumira ensures attackers can’t gain access to your log archives to read data without the appropriate keys. Least-privilege practices make the Blumira log database accessible only to internal Blumira services and parties that require access. For data integrity, Blumira validates that incoming logs haven’t been tampered with through periodic review and internal processes, and provides alerts for file-integrity monitoring (FIM) technology whenever changes are detected.
The Blumira threat detection framework focuses on intrusion behaviors given the ubiquity of Living-Off-the-Land tactics, while also aligning with the MITRE ATT&CK Framework. Loud and/or inaccurate security products can easily lead to alert fatigue, resulting in customers that ultimately ignore their own security tools. With that in mind, the Blumira security team designs, tests, and curates threat detections to be high fidelity from the moment of deployment. All customers receive both a contextual analysis and explicit workflow steps to first qualify and then mitigate all detected threats.
Blumira platform updates are cloud-delivered, sending them automatically to your organization to reduce any lag or downtime. This ensures that you’re detecting and alerting on the most important issues, around the clock. The Blumira engineering team develops and maintains parsers for a wide variety of technical integrations on an ongoing basis to save your team the time and resources of standardizing log data collection.
Blumira leverages Google Cloud and Google Compute Platform (GCP) to provide a highly available security platform for our customers. Blumira maintains 99.99% uptime to ensure our service is always available and reliable.
Blumira underwent a rigorous independent audit conducted by an external auditor to complete a SOC 2 (Service Organization Control) examination that ensures Blumira’s security protocols and use of data meet strict data security requirements established by the American Institute of CPAs (AICPA).
We also partner with trusted providers to ensure the line of trust is solid and our customers stay protected. Here's a statement from LimaCharlie, a partner that we leverage to power our endpoint visibility and response agent, Blumira Agent for Windows, Mac & Linux devices:
“At LimaCharlie, we understand the critical importance of system stability and the potential impact of security software not only on your security operations, but your business operations as well. We want to assure our customers that the type of system-wide failure recently experienced by CrowdStrike customers affecting nearly 8.5 million devices is simply not possible with LimaCharlie's architecture. Here's why…”
– See the LimaCharlie blog post "LimaCharlie's commitment to stability and control" for more details.
We are committed to providing you with a reliable, highly available and secure platform. Reach out to us if you have any questions or concerns -- we are here to help.