
Blumira Inc., a startup with a cloud-based cyberattack detection platform that it says is easier to use than many competing products, has raised $10.3 million in funding.
According to Blumira, Mercury Fund led the round with participation from M25, Array Ventures and multiple angel investors. The group of angel investors included Jon Oberheide, the co-founder of cybersecurity provider Duo Security, which was acquired by Cisco Systems Inc. for $2.35 billion in 2018.
Blumira develops what’s known as a SIEM, short for security information and event management. SIEM platforms function as companies’ main software hub for detecting data breaches. They aggregate security information from an organization’s threat detection tools and analyze the data for patterns to find signs of a cyberattack.
SIEM platforms can be fairly difficult to deploy. Blumira says that its SIEM product, which is provided as a cloud service, can be set up five times faster than rival offerings and is easier to use in certain other respects as well.
One of the tasks that Blumira simplifies is the initial installation. Because SIEM platforms find breaches by analyzing security data from a company’s other threat detection tools, administrators must set up workflows to facilitate the transfer of data between those tools and their SIEM. The process can take a lot of time in complex technology environments.
What makes the process particularly resource-intensive is that the data being transferred to the SIEM platform is often made up of files in different formats. As a result, administrators have to ensure that technical differences between the file formats won’t complicate threat detection.
Blumira says that its SIEM service performs the necessary fine-tuning automatically, reducing the initial software setup to as little as an hour in some cases. The startup’s service also automates another task. It finds the best way of analyzing incoming security data from a company’s systems in order to maximize threat detection rates.
Included alongside the usability features is a set of capabilities to help companies respond to breaches more effectively. Blumira provides a dashboard that organizes detected threats in order of urgency so administrators can determine which issue they should fix first. To give cybersecurity teams additional insight into incidents, the service displays related technical data it pulls from external threat intelligence feeds.
After spotting a potential breach, Blumira’s service can in some cases automatically block the cyberattack. For incidents that can’t be addressed automatically, the service provides guides dubbed playbooks to help administrators find the best way of remediating the issue.
“Having additional capital behind us accelerates our velocity and ability to execute our vision of democratizing the detection and response market,” said Blumira co-founder and Chief Executive Officer Steve Fuller.
The startup plans to double its headcount to 80 employees over the next year and expand its partner program. In particular, Blumira is looking to expand alliances with managed service providers. The startup will additionally work with technology partners to improve its service’s ability to collect security data from cloud and on-premises applications.