Blumira has announced the launch of Detection Filters, a new feature that empowers small and mid-sized business (SMB) customers to customize detection rules based on their organizations’ needs. Customized detection rules greatly reduce the number of noisy alerts, so small IT and security teams can focus on critical and priority alerts to prevent breaches and ransomware attacks.
Blumira’s Detection Filters helps organizations reduce false positives, or alerts triggered by known safe activity, and automates the prioritization of findings so small teams can focus their attention on legitimate threats for faster time to resolution.
To enable small teams to focus on anomalous detections, a user can now edit their organization’s detection rules to exclude alerts triggered by known legitimate traffic or users. Organizations can customize these filters to exclude certain users or IP addresses from findings, freeing up time and effort that IT teams would otherwise spend combing through irrelevant alerts.
Small teams benefit from Blumira’s automatically prioritized findings, ranked from Priority 1 (P1) to Priority 3 (P3), each of which recommends when to respond: immediately, within the next day, or within the next few business days. Blumira’s SecOps team helps provide further guidance and security expertise, and each finding comes with playbooks to walk IT teams through how to respond.
Detection Filters is included with the Advanced edition of Blumira’s self-service cloud security information and event management (SIEM), offering detection and response with a wide variety of cloud and on-prem integrations.