Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Most MDR providers stop at detection and escalation. Two new capabilities in BlueVoyant AI (BlueVoyant's MDR platform), Cloud Forensics and Device Forensics, extend the service into active investigation, giving analysts the tools to determine what happened during an incident rather than simply flagging that one occurred. When an incident requires traditional forensic investigation, these same tools provide a direct transition into that process.

Security operations teams are drowning in telemetry. Rule-based detections still do the heavy lifting, but they often force you to choose between high noise and blind spots, especially when adversaries live off the land and blend into legitimate activity. Over the past year at BlueVoyant, we’ve been testing and deploying Microsoft’s User and Entity Behavioral Analytics (UEBA) capabilities across our customer base, and the results have been eye-opening.

BlueVoyant Security Operations Center (SOC) and Threat Fusion Cell (TFC) researchers have been tracking an active ClickFix campaign that manipulates users into believing their web browser requires a security update. If the user complies, the ClickFix lure initiates a multi-stage infection chain that ultimately deploys the Lorem Ipsum Loader, a malware family BlueVoyant first documented in May 2026.

Today, we’re launching BlueVoyant AI. In my first months as CEO, I’ve had the chance to meet with many of you. What struck me most is the scope and importance of what you’re protecting, and how seriously you carry that responsibility. What also came through clearly is that your vision for the future of security aligns with ours.

Every enterprise security leader is being asked the same question in 2026: what do you use to protect sensitive data when AI has put it in constant motion?

Earlier this year, BlueVoyant adopted a new detection strategy built on the Advanced Security Information Model (ASIM). For those unfamiliar, ASIM is Microsoft's normalisation layer that standardises log data across products into consistent schemas. Our approach is simple: The result? Dramatically faster use case development and cleaner, more maintainable detection logic.