- Product
Product Overview
Sophisticated security with unmatched simplicityCloud SIEM
Pre-configured detections across your environmentHoneypots
Deception technology to detect lateral movementEndpoint Visibility
Real-time monitoring with added detection & responseSecurity Reports
Data visualizations, compliance reports, and executive summariesAutomated Response
Detect, prioritize, and neutralize threats around the clockIntegrations
Cloud, on-prem, and open API connectionsXDR Platform
A complete view to identify risk, and things operational
- Pricing
- Why Blumira
Why Blumira
The Security Operations platform IT teams loveWatch A Demo
See Blumira in action and how it builds operational resilienceUse Cases
A unified security solution for every challengePricing
Unlimited data and predictable pricing structureCompany
Our human-centered approach to cybersecurityCompare Blumira
Find out how Blumira stacks up to similar security toolsIntegrations
Cloud, on-prem, and open API connectionsCustomer Stories
Learn how others like you found success with Blumira
- Solutions
- Partners
- Resources
Security and Compliance
SIEM + XDR Pricing
Our simple employee based pricing model provides cost certainty and comprehensive security without budget surprises. Let's chat today about how Blumira can help!
Free SIEM
14 days retention
Choose 3 cloud integrations**
Log collection & threat analysis
Real-time detections
Response playbooks
Dashboard summary & basic reporting
Email notifications
SIEM Starter
$12
per employee/month
Pricing is based on the total number of “employees” or knowledge workers in your organization (it does not refer to the number of users or admins with Blumira accounts). A knowledge worker is an employee with a corporate email address and workstation/device (may not include number of factory workers or students at a university).
This helps us determine a more accurate estimate of the amount of data you are sending to our platform.
1 year retention
All cloud integrations & managed detections
Access to sensors
Detection filters
Advanced dashboards & compliance reports
Notifications (voice, email & text)
Concierge support (9am-8pm ET)
SIEM+
$16
per employee/month
Pricing is based on the total number of “employees” or knowledge workers in your organization (it does not refer to the number of users or admins with Blumira accounts). A knowledge worker is an employee with a corporate email address and workstation/device (may not include number of factory workers or students at a university).
This helps us determine a more accurate estimate of the amount of data you are sending to our platform.
1 year retention, with longer term retention available
Endpoint detection & response (EDR)
Manual threat response (compromised user lockout & host isolation)
Dynamic blocklists
Honeypots
Blumira Investigate
24/7 incident support
Dedicated CSM & external threat assessments
XDR
$21
per employee/month
Pricing is based on the total number of “employees” or knowledge workers in your organization (it does not refer to the number of users or admins with Blumira accounts). A knowledge worker is an employee with a corporate email address and workstation/device (may not include number of factory workers or students at a university).
This helps us determine a more accurate estimate of the amount of data you are sending to our platform.
1 year retention, with longer term retention available
Automated threat response (host isolation & dynamic blocklists)
API Access
White glove onboarding included
Volume, education and nonprofit discounts available. Contact sales for custom quote.
Pricing is based on the total number of “employees” or knowledge workers in your organization (it does not refer to the number of users or admins with Blumira accounts). A knowledge worker is an employee with a corporate email address and workstation/device (may not include number of factory workers or students at a university).
Support You Need,
How & When You Need It
Blumira support is unparalleled, with four dedicated teams that consistently achieve a 99.7% customer satisfaction rating. Our support teams pride themselves on providing lightning-fast response times – 26 minutes on average.
Incident Detection Engineers
Security Operations
Solution Architects
Customer Success Managers
Compare SIEM & XDR Editions
Easily meet compliance with SIEM data retention, security reporting, 24/7 SecOps and more.
Free SIEM
Get real security value with out-of-the-box detection and response for up to 3 cloud integrations in minutes
SIEM Starter
Meet compliance standards and expanded visibility and security coverage with all cloud integrations
DATA
Data Ingestion
Limited
Unlimited
Unlimited
Unlimited
Data Retention
14 Days
1 year
1 year
1 year
Long Term Storage Options
INGESTION
Cloud Connectors
Up to 3
On-Prem Sensors
ENDPOINT SECURITY
Endpoint Detections
Via Sensor
Blumira Agent
Blumira Agent
Agents Included
1 per employee
1 per employee
Ability To Buy Additional Agents
Endpoint Visibility
LOGGING
Log Collection
Threat Analysis
DETECTION
Managed Detection
Real-time only
Detection Rule Insight
Detection Rule Management
Detection Filters
Custom Detections Available
EDR
Sensor Detections
AUTOMATED RESPONSE
Automated Dynamic Blocklists
Automated Host Isolation for Agent
MANUAL RESPONSE
Response Playbooks
Manual Host Isolation for Agent
Manual Dynamic Blocklists
Compromised User Lockout
DASHBOARDS
Dashboard Summary
Advanced Dashboards
Reporting
Saved Reports
Basic
Advanced
Advanced
Advanced
Compliance Reports
Basic
Advanced
Advanced
Advanced
Report Builder
Blumira Investigate
Executive Summaries
Quarterly only
Deception Technology
Honeypots
SPECIAL OFFERS
Trava Compliance Services
20% Off
20% Off
20% Off
FounderShield Insurance
20% Off
20% Off
20% Off
Additional Functionality
API
SAML
Notifications
+ Support
Notifications (Voice, Text, Email)
Email Only
White Glove Onboarding (One Time Fee - Required)
$250
$500
Included
Concierge Support (9am - 8pm ET)
24/7 Incident Support
External Threat Surface Assessment (Biannually)
Dedicated CSM + Recurring Syncs (Quarterly)
- Free SIEM
- SIEM Starter
- SIEM +
- XDR
Free SIEM
Get real security value with out-of-the-box detection and response for up to 3 cloud integrations in minutes
DATA
Data Ingestion
Limited
Data Retention
14 Days
Long Term Storage Options
Ingestion
Cloud Connectors
Up to 3
On-Prem Sensors
Endpoint Security
Endpoint Detections
Agents Included
Ability To Buy Additional Agents
Endpoint Visibility
Logging
Log Collection
Threat Analysis
Detection
Managed Detection
Real-time only
Detection Rule Insight
Detection Rule Management
Detection Filters
Custom Detections Available
EDR
Automated Response
Automated Dynamic Blocklists
Automated Host Isolation for
Manual Response
Response Playbooks
Manual Host Isolation for Agent
Manual Dynamic Blocklists
Compromised User Lockout
dashboards
Dashboard Summary
Advanced Dashboards
Reporting
Saved Reports
Basic
Compliance Reports
Basic
Report Builder
Blumira Investigate
Executive Summaries
Deception Technology
Honeypots
SPECIAL OFFERS
Trava Compliance Services
FounderShield Insurance
AdditionalFunctionality
API
SAML
Notifications
+ Support
Notifications (Voice, Text, Email)
Email Only
White Glove Onboarding (One Time Fee - Required)
Concierge Support (9am - 8pm ET)
Emergency After Hours Support (24/7 for Critical Priority Issues)
External Threat Surface Scans (Biannually)
Dedicated CSM + Recurring Syncs (Quarterly)
SIEM Starter
Meet compliance standards and expanded visibility and security coverage with all cloud integrations
DATA
Data Ingestion
Unlimited
Data Retention
1 year
Long Term Storage Options
INGESTION
Cloud Connectors
On-Prem Sensors
ENDPOINT SECURITY
Endpoint Detections
Via Sensor
Agents Included
Ability To Buy Additional Agents
Endpoint Visibility
LOGGING
Log Collection
Threat Analysis
DETECTION
Managed Detection
Detection Rule Insight
Detection Rule Management
Detection Filters
Custom Detections Available
EDR
Sensor Detections
AUTOMATED RESPONSE
Automated Dynamic Blocklists
Automated Host Isolation for Agent
MANUAL RESPONSE
Response Playbooks
Manual Host Isolation for Agent
Manual Dynamic Blocklists
Compromised User Lockout
DASHBOARDS
Dashboard Summary
Advanced Dashboards
Reporting
Saved Reports
Advanced
Compliance Reports
Advanced
Report Builder
Blumira Investigate
Executive Summaries
Quarterly only
Deception Technology
Honeypots
SPECIAL OFFERS
Trava Compliance Services
20% Off
FounderShield Insurance
20% Off
Additional Functionality
API
SAML
Notifications
+ Support
Notifications (Voice, Text, Email)
White Glove Onboarding (One Time Fee - Required)
$250
Concierge Support (9am - 8pm ET)
Emergency After Hours Support (24/7 for Critical Priority Issues)
External Threat Surface Scans (Biannually)
Dedicated CSM + Recurring Syncs (Quarterly)
DATA
Data Ingestion
Unlimited
Data Retention
1 year
Long Term Storage Options
INGESTION
Cloud Connectors
On-Prem Sensors
ENDPOINT SECURITY
Endpoint Detections
Blumira Agent
Agents Included
1 per employee
Ability To Buy Additional Agents
Endpoint Visibility
LOGGING
Log Collection
Threat Analysis
DETECTION
Managed Detection
Detection Rule Insight
Detection Rule Management
Detection Filters
Custom Detections Available
EDR
AUTOMATED RESPONSE
Automated Dynamic Blocklists
Automated Host Isolation for Agent
MANUAL RESPONSE
Response Playbooks
Manual Host Isolation for Agent
Manual Dynamic Blocklists
Compromised User Lockout
DASHBOARDS
Dashboard Summary
Advanced Dashboards
Reporting
Saved Reports
Advanced
Compliance Reports
Advanced
Report Builder
Blumira Investigate
Executive Summaries
Deception Technology
Honeypots
SPECIAL OFFERS
Trava Compliance Services
20% Off
FounderShield Insurance
20% Off
Additional Functionality
API
SAML
Notifications
+ Support
Notifications (Voice, Text, Email)
White Glove Onboarding (One Time Fee - Required)
$500
Concierge Support (9am - 8pm ET)
Emergency After Hours Support (24/7 for Critical Priority Issues)
External Threat Surface Scans (Biannually)
Dedicated CSM + Recurring Syncs (Quarterly)
XDR
Stop threats faster with comprehensive coverage, automated security features and white-glove onboarding
DATA
Data Ingestion
Unlimited
Data Retention
1 year
Long Term Storage Options
INGESTION
Cloud Connectors
On-Prem Sensors
ENDPOINT SECURITY
Endpoint Detections
Blumira Agent
Agents Included
1 per employee
Ability To Buy Additional Agents
Endpoint Visibility
LOGGING
Log Collection
Threat Analysis
DETECTION
Managed Detection
Detection Rule Insight
Detection Rule Management
Detection Filters
Custom Detections Available
EDR
AUTOMATED RESPONSE
Automated Dynamic Blocklists
Automated Host Isolation for Agent
MANUAL RESPONSE
Response Playbooks
Manual Host Isolation for Agent
Manual Dynamic Blocklists
Compromised User Lockout
DASHBOARDS
Dashboard Summary
Advanced Dashboards
Reporting
Saved Reports
Advanced
Compliance Reports
Advanced
Report Builder
Blumira Investigate
Executive Summaries
Deception Technology
Honeypots
SPECIAL OFFERS
Trava Compliance Services
20% Off
FounderShield Insurance
20% Off
Additional Functionality
API
SAML
Notifications
+ Support
Notifications (Voice, Text, Email)
White Glove Onboarding (One Time Fee - Required)
Included
Concierge Support (9am - 8pm ET)
Emergency After Hours Support (24/7 for Critical Priority Issues)
External Threat Surface Scans (Biannually)
Dedicated CSM + Recurring Syncs (Quarterly)
MSP pricing and packaging will differ. Contact msp@blumira.com for more details.
*Subject to our Terms and Conditions.
**Free SIEM can choose up to 3 cloud integrations: Microsoft 365, Google Workspace, SentinelOne, Webroot, Mimecast, Duo Security, Cisco Umbrella, Sophos, JumpCloud, OneLogin, 1Password, Google Cloud, Azure, CrowdStrike, and MS Defender for Cloud Apps
See FAQ for more information on employees (it does not refer to the number of users or admins with Blumira accounts).
Customers Love Blumira
Hear what our clients are saying.
“For a certain size of customer with no staff or only one security staff member, Blumira is an absolute godsend.”
Jason Waits
CISO, Inductive Automotive
“The system is very easy to understand and implement and they do ALL the heavy lifting for you. I can't express this enough. My small team has found it to be a very affordable and efficient product not only notifying us of things we otherwise wouldn't detect but also teaching us things we didn't know we needed to know! ”
Casey S.
IT Leader, small business
Frequently Asked Questions
What defines an employee?
Pricing is based on the total number of “employees” or knowledge workers in your organization (it does not refer to the number of users or admins with Blumira accounts). A knowledge worker is an employee with a corporate email address and workstation/device (may not include number of factory workers or students at a university).
This helps us determine a more accurate estimate of the amount of data you are sending to our platform.
What can I expect with Blumira Free SIEM edition?
Choose up to 3 cloud integrations – Microsoft 365, SentinelOne, Webroot, Mimecast, Duo Security, Cisco Umbrella, OneLogin and more – to start streaming logs to Blumira for advanced threat detection and response. Get started in minutes with: What to Expect With Blumira’s Free Edition
How can I protect my full tech stack?
SIEM Starter, SIEM+, and XDR provide access to all cloud and on-prem including Windows Server, firewalls, identity and more, SEIM+ and XDR include endpoint visibility for Windows, MacOS and Linux endpoints.
What do I need to help meet compliance?
While compliance regulations may vary, industry standards and upcoming cybersecurity insurance mandates often require at least one year of data retention for audit trails, log monitoring, investigation and incident response. Purchase SIEM Starter, SIEM+ or XDR for one year data retention.
Is there an employee minimum?
All paid editions of Blumira have a minimum of 10 employees. Our Free SIEM has no minimum and comes with unlimited employees.
How do you provide support?
Customer support is available for paid editions only. Your team can contact our support directly in the Blumira app, by email or calling our support line. For SIEM+ and XDR Platform, Blumira provides emergency after hours support 24 hours, 7 days a week for security incident issues. Free SIEM users have access to our support documentation.
Is there a contract term?
Our contract terms for SIEM Starter, SIEM + and XDR are contracted on an annual basis.
How can I purchase Blumira Agent?
SIEM +, and XDR come bundled with 1 Blumira Agent per employee. SIEM Starter, SIEM+ and XDR have the ability to purchase additional agents at $3 per agent per month. MSP pricing and packaging will differ – contact msp@blumira.com for more details.
Still Have Questions?
We’re happy to answer any questions about our editions and provide a custom price quote.