Skip to content
Search
Get A Demo
Try For Free
    Get A Demo
    Try For Free
      Security and Compliance

      SIEM + XDR Pricing

      Our simple employee based pricing model provides cost certainty and comprehensive security without budget surprises. Let's chat today about how Blumira can help!

      Try Now
      $0
      see how it works
      Access to everything below:
       
      Get Started
      • Check 14 days retention
      • Check Choose 3 cloud integrations**
      • Check Log collection & threat analysis
      • Check Real-time detections
      • Check Response playbooks
      • Check Dashboard summary & basic reporting
      • Check Email notifications
      SIEM Starter
      $12
      per employee/month

      Pricing is based on the total number of “employees” or knowledge workers in your organization (it does not refer to the number of users or admins with Blumira accounts). A knowledge worker is an employee with a corporate email address and workstation/device (may not include number of factory workers or students at a university).

      This helps us determine a more accurate estimate of the amount of data you are sending to our platform.
      Everything in Free SIEM, plus compliance and support:
      Get a Demo
      • Check 1 year retention
      • Check All cloud integrations & managed detections
      • Check Access to sensors
      • Check Detection filters
      • Check Advanced dashboards & compliance reports
      • Check Notifications (voice, email & text)
      • Check Concierge support (9am-8pm ET)
      SIEM+
      $16
      per employee/month

      Pricing is based on the total number of “employees” or knowledge workers in your organization (it does not refer to the number of users or admins with Blumira accounts). A knowledge worker is an employee with a corporate email address and workstation/device (may not include number of factory workers or students at a university).

      This helps us determine a more accurate estimate of the amount of data you are sending to our platform.
      Everything in SIEM Starter, plus:
      Get A Demo
      • Check 1 year retention, with longer term retention available
      • Check Endpoint detection & response (EDR)
      • Check Manual threat response (compromised user lockout & host isolation)
      • Check Dynamic blocklists
      • Check Honeypots
      • Check Blumira Investigate
      • Check 24/7 incident support
      • Check Dedicated CSM & external threat assessments
      XDR
      $21
      per employee/month

      Pricing is based on the total number of “employees” or knowledge workers in your organization (it does not refer to the number of users or admins with Blumira accounts). A knowledge worker is an employee with a corporate email address and workstation/device (may not include number of factory workers or students at a university).

      This helps us determine a more accurate estimate of the amount of data you are sending to our platform.
      Everything in SIEM +, plus:
       
      Get A Demo
      • Check 1 year retention, with longer term retention available
      • Check Automated threat response (host isolation & dynamic blocklists)
      • Check API Access
      • Check White glove onboarding included

      Volume, education and nonprofit discounts available. Contact sales for custom quote.

      Pricing is based on the total number of “employees” or knowledge workers in your organization (it does not refer to the number of users or admins with Blumira accounts). A knowledge worker is an employee with a corporate email address and workstation/device (may not include number of factory workers or students at a university).

      Support You Need,
      How & When You Need It

      Blumira support is unparalleled, with four dedicated teams that consistently achieve a 99.7% customer satisfaction rating. Our support teams pride themselves on providing lightning-fast response times – 26 minutes on average.

      IDE
      Incident Detection Engineers

      The security engineering team powering the Blumira platform, constantly creating, testing, and deploying new detections and enhancements to the platform. Keeping your security up-to-date without you lifting a finger.
      Secops
      Security Operations

      A team of security professionals standing by to help out with any security questions or concerns you have on your alerts. They’re available 24/7 for security incidents for SIEM+ and XDR customers.
      SAs
      Solution Architects

      Working with you from day 1 to create a foundation for security success, including advising on your overall security posture, conducting threat surface assessments, and helping you to successfully integrate as much of your environment as possible with Blumira.
      CSM
      Customer Success Managers

      Understanding and helping you to meet your security and compliance goals with Blumira, through setting up an onboarding plan, conducting training, and meeting with you regularly to help maximize your Blumira experience.

      Compare SIEM & XDR Editions

      Easily meet compliance with SIEM data retention, security reporting, 24/7 SecOps and more.

      Try Now

      Get real security value with out-of-the-box detection and response for up to 3 cloud integrations in minutes

      Get Started

      SIEM Starter

      Meet compliance standards and expanded visibility and security coverage with all cloud integrations

      Get A Demo

      SIEM+

      Enhanced protection with more on-prem integrations and 24/7 incident support

      Get A Demo

      XDR

      Stop threats faster with comprehensive coverage, automated security features and white-glove onboarding

      Get A Demo
      DATA
      Data Ingestion
      Limited
      Unlimited
      Unlimited
      Unlimited
      Data Retention
      14 Days
      1 year
      1 year
      1 year
      Long Term Storage Options
      INGESTION
      Cloud Connectors
      Up to 3
      On-Prem Sensors
      ENDPOINT SECURITY
      Endpoint Detections
      Via Sensor
      Blumira Agent
      Blumira Agent
      Agents Included
      1 per employee
      1 per employee
      Ability To Buy Additional Agents
      Endpoint Visibility
      LOGGING
      Log Collection
      Threat Analysis
      DETECTION
      Managed Detection
      Real-time only
      Detection Rule Insight
      Detection Rule Management
      Detection Filters
      Custom Detections Available
      EDR
      Sensor Detections
      AUTOMATED RESPONSE
      Automated Dynamic Blocklists
      Automated Host Isolation for Agent
      MANUAL RESPONSE
      Response Playbooks
      Manual Host Isolation for Agent
      Manual Dynamic Blocklists
      Compromised User Lockout
      DASHBOARDS
      Dashboard Summary
      Advanced Dashboards
      Reporting
      Saved Reports
      Basic
      Advanced
      Advanced
      Advanced
      Compliance Reports
      Basic
      Advanced
      Advanced
      Advanced
      Report Builder
      Blumira Investigate
      Executive Summaries
      Quarterly only
      Deception Technology
      Honeypots
      SPECIAL OFFERS
      Trava Compliance Services
      20% Off
      20% Off
      20% Off
      FounderShield Insurance
      20% Off
      20% Off
      20% Off
      Additional Functionality
      API
      SAML
      Notifications
+ Support
      Notifications (Voice, Text, Email)
      Email Only
      White Glove Onboarding (One Time Fee - Required)
      $250
      $500
      Included
      Concierge Support (9am - 8pm ET)
      24/7 Incident Support
      External Threat Surface Assessment (Biannually)
      Dedicated CSM + Recurring Syncs (Quarterly)
      • Free SIEM
      • SIEM Starter
      • SIEM +
      • XDR
      Free SIEM
      Get real security value with out-of-the-box detection and response for up to 3 cloud integrations in minutes
      Get Started
      DATA
      Data Ingestion
      Limited
      Data Retention
      14 Days
      Long Term Storage Options
      Ingestion
      Cloud Connectors
      Up to 3
      On-Prem Sensors
      Endpoint Security
      Endpoint Detections
      Agents Included
      Ability To Buy Additional Agents
      Endpoint Visibility
      Logging
      Log Collection
      Threat Analysis
      Detection
      Managed Detection
      Real-time only
      Detection Rule Insight
      Detection Rule Management
      Detection Filters
      Custom Detections Available
      EDR
      Automated Response
      Automated Dynamic Blocklists
      Automated Host Isolation for
      Manual Response
      Response Playbooks
      Manual Host Isolation for Agent
      Manual Dynamic Blocklists
      Compromised User Lockout
      dashboards
      Dashboard Summary
      Advanced Dashboards
      Reporting
      Saved Reports
      Basic
      Compliance Reports
      Basic
      Report Builder
      Blumira Investigate
      Executive Summaries
      Deception Technology
      Honeypots
      SPECIAL OFFERS
      Trava Compliance Services
      FounderShield Insurance
      AdditionalFunctionality
      API
      SAML
      Notifications
+ Support
      Notifications (Voice, Text, Email)
      Email Only
      White Glove Onboarding (One Time Fee - Required)
      Concierge Support (9am - 8pm ET)
      Emergency After Hours Support (24/7 for Critical Priority Issues)
      External Threat Surface Scans (Biannually)
      Dedicated CSM + Recurring Syncs (Quarterly)
      SIEM Starter
      Meet compliance standards and expanded visibility and security coverage with all cloud integrations
      Get A Demo
      DATA
      Data Ingestion
      Unlimited
      Data Retention
      1 year
      Long Term Storage Options
      INGESTION
      Cloud Connectors
      On-Prem Sensors
      ENDPOINT SECURITY
      Endpoint Detections
      Via Sensor
      Agents Included
      Ability To Buy Additional Agents
      Endpoint Visibility
      LOGGING
      Log Collection
      Threat Analysis
      DETECTION
      Managed Detection
      Detection Rule Insight
      Detection Rule Management
      Detection Filters
      Custom Detections Available
      EDR
      Sensor Detections
      AUTOMATED RESPONSE
      Automated Dynamic Blocklists
      Automated Host Isolation for Agent
      MANUAL RESPONSE
      Response Playbooks
      Manual Host Isolation for Agent
      Manual Dynamic Blocklists
      Compromised User Lockout
      DASHBOARDS
      Dashboard Summary
      Advanced Dashboards
      Reporting
      Saved Reports
      Advanced
      Compliance Reports
      Advanced
      Report Builder
      Blumira Investigate
      Executive Summaries
      Quarterly only
      Deception Technology
      Honeypots
      SPECIAL OFFERS
      Trava Compliance Services
      20% Off
      FounderShield Insurance
      20% Off
      Additional Functionality
      API
      SAML
      Notifications
+ Support
      Notifications (Voice, Text, Email)
      White Glove Onboarding (One Time Fee - Required)
      $250
      Concierge Support (9am - 8pm ET)
      Emergency After Hours Support (24/7 for Critical Priority Issues)
      External Threat Surface Scans (Biannually)
      Dedicated CSM + Recurring Syncs (Quarterly)
      SIEM +
      Enhanced protection with more on-prem integrations and 24/7 emergency security support
      Get A Demo
      DATA
      Data Ingestion
      Unlimited
      Data Retention
      1 year
      Long Term Storage Options
      INGESTION
      Cloud Connectors
      On-Prem Sensors
      ENDPOINT SECURITY
      Endpoint Detections
      Blumira Agent
      Agents Included
      1 per employee
      Ability To Buy Additional Agents
      Endpoint Visibility
      LOGGING
      Log Collection
      Threat Analysis
      DETECTION
      Managed Detection
      Detection Rule Insight
      Detection Rule Management
      Detection Filters
      Custom Detections Available
      EDR
      AUTOMATED RESPONSE
      Automated Dynamic Blocklists
      Automated Host Isolation for Agent
      MANUAL RESPONSE
      Response Playbooks
      Manual Host Isolation for Agent
      Manual Dynamic Blocklists
      Compromised User Lockout
      DASHBOARDS
      Dashboard Summary
      Advanced Dashboards
      Reporting
      Saved Reports
      Advanced
      Compliance Reports
      Advanced
      Report Builder
      Blumira Investigate
      Executive Summaries
      Deception Technology
      Honeypots
      SPECIAL OFFERS
      Trava Compliance Services
      20% Off
      FounderShield Insurance
      20% Off
      Additional Functionality
      API
      SAML
      Notifications
+ Support
      Notifications (Voice, Text, Email)
      White Glove Onboarding (One Time Fee - Required)
      $500
      Concierge Support (9am - 8pm ET)
      Emergency After Hours Support (24/7 for Critical Priority Issues)
      External Threat Surface Scans (Biannually)
      Dedicated CSM + Recurring Syncs (Quarterly)
      XDR
      Stop threats faster with comprehensive coverage, automated security features and white-glove onboarding
      Get A Demo
      DATA
      Data Ingestion
      Unlimited
      Data Retention
      1 year
      Long Term Storage Options
      INGESTION
      Cloud Connectors
      On-Prem Sensors
      ENDPOINT SECURITY
      Endpoint Detections
      Blumira Agent
      Agents Included
      1 per employee
      Ability To Buy Additional Agents
      Endpoint Visibility
      LOGGING
      Log Collection
      Threat Analysis
      DETECTION
      Managed Detection
      Detection Rule Insight
      Detection Rule Management
      Detection Filters
      Custom Detections Available
      EDR
      AUTOMATED RESPONSE
      Automated Dynamic Blocklists
      Automated Host Isolation for Agent
      MANUAL RESPONSE
      Response Playbooks
      Manual Host Isolation for Agent
      Manual Dynamic Blocklists
      Compromised User Lockout
      DASHBOARDS
      Dashboard Summary
      Advanced Dashboards
      Reporting
      Saved Reports
      Advanced
      Compliance Reports
      Advanced
      Report Builder
      Blumira Investigate
      Executive Summaries
      Deception Technology
      Honeypots
      SPECIAL OFFERS
      Trava Compliance Services
      20% Off
      FounderShield Insurance
      20% Off
      Additional Functionality
      API
      SAML
      Notifications
+ Support
      Notifications (Voice, Text, Email)
      White Glove Onboarding (One Time Fee - Required)
      Included
      Concierge Support (9am - 8pm ET)
      Emergency After Hours Support (24/7 for Critical Priority Issues)
      External Threat Surface Scans (Biannually)
      Dedicated CSM + Recurring Syncs (Quarterly)

      MSP pricing and packaging will differ. Contact msp@blumira.com for more details.
      *Subject to our Terms and Conditions.
      **Free SIEM can choose up to 3 cloud integrations: Microsoft 365, Google Workspace, SentinelOne, Webroot, Mimecast, Duo Security, Cisco Umbrella, Sophos, JumpCloud, OneLogin, 1Password, Google Cloud, Azure, CrowdStrike, and MS Defender for Cloud Apps

      See FAQ for more information on employees (it does not refer to the number of users or admins with Blumira accounts).


      Customers Love Blumira

      Hear what our clients are saying.

      quote

      “For a certain size of customer with no staff or only one security staff member, Blumira is an absolute godsend.”

      Jason Waits
      CISO, Inductive Automotive
      quote

      “The system is very easy to understand and implement and they do ALL the heavy lifting for you. I can't express this enough. My small team has found it to be a very affordable and efficient product not only notifying us of things we otherwise wouldn't detect but also teaching us things we didn't know we needed to know! ”

      Casey S.
      IT Leader, small business
      quote

      “Overall, Blumira is an AWESOME hosted SIEM/MDR solution at an extremely reasonable price point. It's also a fraction of the cost [of a traditional SIEM], and top-notch support is included in the price.”

      Jon I.
      Principle Consultant, mid-sized business

      Frequently Asked Questions

      What defines an employee?

      Pricing is based on the total number of “employees” or knowledge workers in your organization (it does not refer to the number of users or admins with Blumira accounts). A knowledge worker is an employee with a corporate email address and workstation/device (may not include number of factory workers or students at a university).

      This helps us determine a more accurate estimate of the amount of data you are sending to our platform.

      What can I expect with Blumira Free SIEM edition?

      Choose up to 3 cloud integrations – Microsoft 365, SentinelOne, Webroot, Mimecast, Duo Security, Cisco Umbrella, OneLogin and more – to start streaming logs to Blumira for advanced threat detection and response. Get started in minutes with: What to Expect With Blumira’s Free Edition

       

      How can I protect my full tech stack?

      SIEM Starter, SIEM+, and XDR provide access to all cloud and on-prem including Windows Server, firewalls, identity and more, SEIM+ and XDR include endpoint visibility for Windows, MacOS and Linux endpoints.

      What do I need to help meet compliance?

      While compliance regulations may vary,  industry standards and upcoming cybersecurity insurance mandates often require at least one year of data retention for audit trails, log monitoring, investigation and incident response. Purchase SIEM Starter, SIEM+ or XDR for one year data retention.

      Is there an employee minimum?

      All paid editions of Blumira have a minimum of 10 employees. Our Free SIEM has no minimum and comes with unlimited employees.

      How do you provide support?

      Customer support is available for paid editions only. Your team can contact our support directly in the Blumira app, by email or calling our support line. For SIEM+ and XDR Platform, Blumira provides emergency after hours support 24 hours, 7 days a week for security incident issues. Free SIEM users have access to our support documentation.

       

      Is there a contract term?

      Our contract terms for SIEM Starter, SIEM + and XDR are contracted on an annual basis.

      How can I purchase Blumira Agent?

      SIEM +, and XDR come bundled with 1 Blumira Agent per employee. SIEM Starter, SIEM+ and XDR have the ability to purchase additional agents at $3 per agent per month. MSP pricing and packaging will differ – contact msp@blumira.com for more details.

      Still Have Questions?

      We’re happy to answer any questions about our editions and provide a custom price quote.

      Talk to Sales