Blumira has expanded its security operations platform with improved endpoint detection and response (EDR) and identity threat detection and response (ITDR) capabilities, helping security teams accelerate active threat detection and containment. With this update, organizations using Blumira Respond and Automate editions can now isolate compromised endpoints, stop malicious processes, and block attackers across Microsoft 365 and Active Directory directly from the Blumira dashboard.
As cyberattacks continue to evolve, security teams are under growing pressure to respond quickly and efficiently. In particular, ransomware and identity-based attacks remain among the most serious risks facing businesses today. Because of that, organizations need security tools that not only detect threats but also simplify and speed up the response process. Blumira is addressing that need by bringing endpoint and identity response actions into a single platform, which reduces delays during high-pressure incidents.
“Ransomware and identity-based attacks including business email compromise are top-of-mind concerns keeping IT teams up at night right now,” said Matt Warner, CEO of Blumira. “Response teams shouldn’t have to jump between multiple dashboards during an active breach, or have to wonder what to do next. These endpoint and identity security improvements help us deliver on our promise of manageable, scalable security for busy teams and partners.”
This launch comes as ransomware activity continues to rise. According to the company, ransomware attacks have increased by 34% since 2024 and appear in 44% of breaches, based on Verizon’s DBIR 2025 report. Therefore, the speed of incident response has become a major factor in determining whether a team contains a threat early or faces a larger breach. For IT administrators and managed service provider technicians, every second matters. By unifying detection, investigation, and response in one environment, Blumira helps teams reduce the time between identifying a threat and taking action.
A key benefit of the platform update is the ability to respond directly from a new finding. As a result, teams can move from alert to containment with fewer clicks and less wasted time. In addition, Blumira gives response teams richer threat context, so they can see the full picture of an incident. Whether the issue involves a compromised Microsoft 365 account or escalating privilege abuse, teams can investigate and act without switching between multiple tools.
The updated capabilities also help security teams contain threats faster through a clearer and more structured response process. Instead of managing a scattered set of tools during an incident, IT teams can work from one central location. That not only improves efficiency but also helps build team confidence and security expertise over time.
“We’re stopping breaches in seconds instead of minutes or hours. I don’t have to find a password, log in, get to the user, revoke MFA, and change their password. I can do all of that in one click,” said Matt Timm, Network Operations Center Team Lead at TR Computer Sales. “Efficiency is key, especially in a security monitoring department. For us to have everything in one central location — the information, what’s happening, the ways that we can fix it, and then the feedback of how it was fixed — is huge.”
Beyond EDR and ITDR improvements, Blumira is also enhancing its Public API. These additions give partners and advanced users the ability to assign findings, add comments, resolve incidents, and query evidence programmatically. For MSPs managing security across several client environments, this makes it easier to connect Blumira with existing PSA platforms, RMM tools, and custom workflows. Consequently, teams can keep security operations embedded within the tools they already use every day.
Overall, Blumira’s latest platform update strengthens its position as a unified security operations solution for growing teams and partners. By combining faster endpoint response, stronger identity protection, and deeper workflow integration, the company is helping organizations detect and contain threats with greater speed, clarity, and control.
Recommended Cyber Technology News:
- Why Zscaler Warns Boards to Tighten AI Governance Immediately
- Data Privacy Week 2026 [Part 2]: What Privacy Looks Like When Systems Fail
- Not One Breach but an Ecosystem: What the 149M Leak Reveals
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
