    April 15, 2021

    Blumira Accelerates Time to Detection to Milliseconds

    Recently, Blumira began a large-scale project to introduce a powerful new detection system called Real-Time Detections. We built this technology in-house to provide you with real-time notifications for many of the product’s native threat detections.

    Blumira’s platform was based on a scheduled detection system that could have variable time windows of 5 to 30 minutes. It was important to accelerate our time to detection so that organizations would be notified of threats faster and could stop attacks sooner.

    Our new Real-Time Detection system will give you an added advantage in defending your organization’s network by dramatically accelerating the speed of the product’s detection notifications and subsequently your time to respond. This new system will execute logic to notify organizations in as little as 800 milliseconds.

    How Do Detections Work?

    By design, the legacy detection system inspected for specific events over a designated window of time. Stated differently, generating a Finding required both a matching logged event and the designated window of time to elapse, which amounted to a regular delay between the event happening and the customer being notified.

    Said legacy system was brilliant for threat detections involving repeated events representing a single malicious behavior like password spraying. It was less ideal for single moment-in-time threat detections such as virus alerts because of the implied notification latency.

    The legacy ‘windowed’ detection system will remain in production so the Blumira platform can take advantage of its strengths, such as the password spraying attack mentioned above, but we will also be dramatically re-balancing our dependence on it. Embracing both detection systems according to their strengths will give customers a better product experience.
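
    To make the trade-off concrete, here is an added example (not Blumira's code) that runs a windowed aggregate rule and a per-event rule over constructed events and compares notification delay. The 5-minute window, the four-account threshold, the event fields and all function names are assumptions.

```python
from collections import defaultdict

WINDOW_S = 300          # assumed 5-minute window (low end of the post's 5-30 minutes)
SPRAY_MIN_ACCOUNTS = 4  # assumed threshold, chosen for this sample

# Constructed sample events: (seconds since start, event type, source, account)
EVENTS = [
    (12, "login_failed", "10.0.0.7", "alice"),
    (40, "virus_alert", "wks-12", "carol"),
    (65, "login_failed", "10.0.0.7", "bob"),
    (130, "login_failed", "10.0.0.7", "carol"),
    (200, "login_failed", "10.0.0.7", "dave"),
    (250, "login_failed", "10.0.0.9", "alice"),
    (590, "virus_alert", "wks-03", "erin"),
]

def realtime_findings(events):
    """Per-event rule: one matching event is enough, so fire on arrival.
    Processing time is ignored here, so notify_t equals event_t."""
    return [{"rule": "virus_alert", "source": src, "event_t": t, "notify_t": t}
            for t, kind, src, _ in events if kind == "virus_alert"]

def windowed_findings(events, window_s=WINDOW_S, min_accounts=SPRAY_MIN_ACCOUNTS):
    """Aggregate rule: count distinct accounts per source in each window and
    evaluate only when the window closes."""
    buckets = defaultdict(set)   # (window index, source) -> accounts that failed
    first_seen = {}              # (window index, source) -> time of first failure
    for t, kind, src, acct in events:
        if kind != "login_failed":
            continue
        key = (t // window_s, src)
        buckets[key].add(acct)
        first_seen.setdefault(key, t)
    return [{"rule": "password_spray", "source": src,
             "event_t": first_seen[(w, src)], "notify_t": (w + 1) * window_s}
            for (w, src), accts in sorted(buckets.items())
            if len(accts) >= min_accounts]

def latency(finding):
    """Seconds between the triggering event and the notification."""
    return finding["notify_t"] - finding["event_t"]

def virus_alert_latency_if_windowed(events, window_s=WINDOW_S):
    """Delay each virus alert would incur if it waited for its window to close."""
    return [(t // window_s + 1) * window_s - t
            for t, kind, _, _ in events if kind == "virus_alert"]
```

    The spray rule needs the whole window to see four distinct accounts from one source, while the single-event rule gains nothing from waiting and only inherits a delay that depends on where in the window the event lands.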

    Why Does This Matter?

    Customers like you mean everything to Blumira. We take immense pride in doing everything we can to ensure you have an excellent product experience. The goal of this post is to keep you, the customer, fully informed about a major product update.

    What Should I Expect?

    There is no specific action needed at this time. However, please keep Blumira informed of any observed irregularities with Findings, such as a spike in volume or other unexpected behavior. The product feedback is deeply appreciated.

    How Can I Reach Blumira Support?

    You can submit critical issues in two ways: 

    1. By submitting a Support request via case management available at blumira.zendesk.com and designating it “Urgent” priority. 
    2. Or by calling (877) 258-6472, selecting ‘2’ for Customer Support, and finally selecting ‘9’ to register a Critical support case.

    Try Out Blumira

    Not a customer? Try out Blumira’s automated detection & response platform, deploy in hours and get immediate security value. Sign up for a free trial or watch a demo to learn more.

    Tag(s): Product Updates , Blog

    Mike Behrmann

    Mike served at the National Security Agency for seven years where he focused on leading computer network exploitation operations and was later deployed to the FBI Detroit Division’s Cyber Task Force as a Threat Analyst. He joined NetWorks Group in 2015 where he and Matt Warner established the company’s Managed...
