Security operations platform startup Blumira Inc. today launched the pilot of Kindling, an agentic security information and event management investigation engine that the company says can reduce alert volume for security teams by 30 to 50 times.

Pitched at small and midmarket security operations centers and the managed service providers that support them, Kindling sits on top of Blumira’s existing platform and applies two-stage analysis to incoming findings before deciding whether to surface them as a case. The result, according to the company, is that lean teams stop drowning in raw alerts and instead see only verified, prioritized incidents with an attached attack chain and recommended next steps.

The engine draws on eight years of detection data, a rolling year of full-fidelity log retention and cohort comparison across other Blumira customers to weigh each finding. Severity, environmental baseline and how similar organizations resolved the same finding all feed into a weighted score. Cases that clear the threshold arrive with a timeline of related findings, a graph view of affected identities and assets and a remediation path.

Blumira says it validated Kindling against more than 2,000 real-world incidents resolved by its support teams and recorded a 98.5% auto-triage accuracy rate. The company credited the result to deterministic investigation paired with a three-judge artificial intelligence consensus model. Of the small share of cases that fell outside that band, 99% were surfaced as alerts rather than dropped as false negatives.

The coverage offered by Kindling spans cloud, network, endpoint and identity data already flowing into the Blumira platform. The company argues that single-layer detection lets attackers establish a foothold before defenders can react and that correlating findings across all four layers is what allows Kindling to flag malicious activity earlier in an attack chain.

“Kindling takes the guesswork out of security. With attackers moving faster than ever, a three-person IT team can’t afford to manually sort through alerts,” said Chief Executive Matt Warner. “Kindling replaces a finding to-do list with actionable cases and tells you what’s critical, so even lean security teams can have the contextual signal they need to triage, investigate, and remediate without manual overhead.”

The launch extends a push into AI-assisted investigation work that Blumira began in October, when it rolled out SOC Auto-Focus, a tool designed to give underresourced administrators plain-language context on findings and guided remediation steps. Kindling moves further up the stack by deciding which findings warrant a human at all.

A separate MSP dashboard is also being offered as part of the pilot launch that gives providers top-down visibility into case status across every client tenant, benchmarks each environment against similar organizations and produces incident timeline reports and estimated cost-savings figures that MSPs can hand to clients.

Blumira has raised approximately $28 million in funding across three rounds, including a round of $15 million in June 2023. Investors in the company include Ten Eleven Ventures, RPS Ventures, HPA Holdings, Mercury Fund, M25 Ventures and Array Ventures.

Image: Blumira