Blumira, a security operations XDR platform that also contains a SIEM, has made a pair of announcements. First, they have launched SOC Auto-Focus, an AI-powered security investigation tool that is designed to help IT teams and MSPs work smarter, reduce alert fatigue and accelerate incident response through contextual intelligence and expert guidance. Secondly, they have made significant changes to their Managed Service Provider partner program.
Blumira was formed out of an MSP in Michigan, and at that time, their focus was squarely on the SMB.
‘We realized there wasn’t any tech then to support the SMB to help them reduce risk,” said Matthew Warner, CEO and co-founder of Blumira. “It is the responsibility of the vendors to help IT get better. Our motto was we wanted to help people sleep at night. We supported MSPs and VARs, with a focus on making data work for them from a cybersecurity perspective. This allowed us to grow and to get visibility into their environment.”
Defining Blumira’s market is somewhat tricky, although officially they now have an SMB and midmarket focus.
“We tried to move away from those terms, and we tend to use the phase ‘growing company,’” Warner said. “We are especially strong in manufacturing, in highly regulated spaces, and in organizations with between 200-300 people at the low end to 5000-10,000 at the high. We have over 25 PB of data because we are very scalable, and the experience is the same whether you have a huge or smaller amount of data. A lot of that is because of the way we price which is basically – how many employees work at the organization. It’s a predictable price with security maturity. We want to ensure we support MSPs who leverage us as much as we do the upper end organizations when it comes to how security is being provided.”
In 2018, the platform started as SIEM, but Blumira has added components to it since then.
“We were originally a native SIEM, and as we added XDR, EDR and AI, they all get rolled into the SIEM,” Warner said.
The new capability, SOC Auto-Focus, is a fundamental shift for how under-resourced IT administrators and security teams approach threat investigation. Rather than replacing human decision-making, the solution enhances analyst capabilities by providing instant context, clear prioritization and guided response workflows developed by Blumira’s security experts.
“SOC Auto-Focus is brand new, and is something that we started working on about 18 months ago internally,” Warner indicated. “It is based on our SIEM pedigree. We’ve seen a lot of EDR releases where AI people realize that they don’t need a chatbot – they need an easy way to get the knowledge they need to move forward. People are still needed, to enable entry level and junior people. This was about delivering something that gives them answers, where they can use AI to cut the use of time.”
Warner said that SOC Auto-Focus provides the equivalent of an automated agentic tier 1 and 2 SOC analyst.
“SOC AF when engaged will gather up findings,” he said. “The way we have approached it is ‘can you get value out of it?’ Agentic agents have become a place for investors to put money. We structured SOC AF to be unique, and not to plug into another SIEM –like some others. This gives people the ability to get research without having to hook up anything. It’s how you sell to growing companies. In our betas, it has become a very strong training tool for MSPs specifically, as it lets them onboard into Blumira with almost no training.”
Unlike traditional AI security tools that require extensive training periods or provide generic analysis without environmental context, SOC Auto-Focus works immediately upon deployment. The solution draws upon the deep security expertise already built into Blumira’s platform, ensuring recommendations are grounded in proven security practices rather than algorithmic guesswork. This lets organizations measure their return on investment through reduced mean time to respond to security incidents, increased successful remediation rates, decreased repeat incidents, and improved confidence among IT team members.
The enhanced MSP partner program addresses the growing demand for scalable security solutions among service providers. New features include advanced multi-tenant management capabilities, streamlined onboarding processes for MSP clients, and enhanced reporting tools that simplify compliance documentation across multiple customer environments. The new Blumira Partner program is designed specifically to help MSPs enhance service offerings with pre-tuned detections, response playbooks, and fast deployment and results.
Blumira offers four levels of participation in the program – Registered, Bronze, Silver and Gold. Each level unlocks greater discounts and rebates, priority support, cooperative marketing funds, deal registration, exclusive tools and resources. Silver and Gold are the more rigorous levels, as they require a business plan.
MSPs make up the vast majority of Blumira’s channel, with VARs making up the rest.
“About 95% of our partners are MSPs, although we do have some MSSPs,” Warner indicated. “We launched their channel program in 2020, and it has been very successful, with about 12,000 MSPs on the platform now.
“We changed it because we wanted to take the program in a direction that was more enabling for MSPs. The new program helps MSPs be more flexible and helps them grow businesses their business. It removes manual commitments to give them more flexibility, and ensures that we are giving marketing dollars and funds to MSPs who are growing. That makes life easier for MSPs and easier for us.”
Warner said that the new advanced multi-tenant management capabilities are really important.
“The big inclusions are structured around tenant management,” he said, “We have streamlined onboarding processes for MSP clients, including the launching of our own partner portal on November 1 to drive streamlined partners on board. It also has an integration for ConnectWise, and we will bring other PSAs into the portal as well.”
The enhanced reporting tools that simplify compliance documentation across multiple customer environments ensure that when people move into compliance, MSPs have the ability to grow their customer base.
“These are complex and we can now make sure the compliance documentation is brought to the MSP for their customers,” Warner stated.