Blumira has introduced Kindling, a pilot agentic investigation engine designed to cut security alert volume by a factor of up to fifty, helping lean security teams focus on prioritized incidents with actionable insights.
- Reduces alert volume by 30 to 50 times with two-stage analysis
- AI consensus model achieves 98.5% auto-triage accuracy
- Supports cloud, network, endpoint, and identity data correlation
What happened
Blumira Inc. launched the pilot for Kindling, an agentic investigation engine built on its security operations platform, aimed at reducing overwhelming alert volumes faced by security teams. The tool applies a two-stage analytical process to incoming findings, surfacing only cases that meet a weighted scoring threshold based on severity, baselines, and resolution patterns from a broad customer base.
Kindling offers lean teams a refined incident list complete with attack timelines and recommended remediation steps. It leverages eight years of detection knowledge, full-fidelity log data retention, and cohort comparisons, enabling it to auto-triage alerts with a reported accuracy rate of 98.5%. A new managed service provider dashboard also supports MSPs with client-wide visibility and benchmarking.
Why it matters
Security teams, especially in small and midmarket organizations, frequently struggle with alert fatigue caused by high volumes of raw security findings, which slows response and increases risk. Kindling addresses this by automating triage to prioritize real threats, reducing manual overhead and allowing teams to act decisively on contextualized cases.
By correlating data across cloud, network, endpoint, and identity layers, Kindling identifies attacks earlier in the attack chain than single-source detection tools. This comprehensive approach helps prevent attackers from gaining initial footholds undetected, significantly enhancing defensive capabilities for organizations with limited security resources.
What to watch next
Blumira’s ongoing pilot phase will likely refine Kindling’s capabilities and generate broader adoption among SMB security operations centers and managed service providers. The effectiveness of its AI-driven triage model in diverse environments and evolving threat landscapes will be critical to its success and potential market expansion.
The company’s continued investment in AI-assisted investigation tools, following its SOC Auto-Focus rollout last year, indicates a strategic emphasis on reducing manual security workloads through intelligent automation. Future developments may include deeper integrations, expanded data sources, and enhanced MSP-centric features to further streamline incident management.