Streamline and Scale

Since 2014, Blue Cycle Founder JP Bourget and the Blue Cycle team has interviewed over 300 SecOps teams and engaged with over 50 teams across MSSP/XDR provider and enterprise clients. We’ve seen what works, what doesn’t and what the top 10% of SecOps teams are doing to keep ahead, identify operational efficiencies and establish competitive differentiation.


Go To Market, Channel, Microsoft/AWS/Other Partner Programs, Architecture and Security Products


Security Data Pipeline Modernization with Cribl or Custom Architectures/Technologies


Custom and Prebuilt Python and GoLang product integrations deployed as Functions, Containers or Agents

Security Operations Advisory, Modernization and Implementation Services

Similar to our advisory services for enterprise but tailored to MSSP operations. Blue Cycle has worked with a variety of MSSPs - direct and channel models - and provided strategic guidance around architecture, tech stack, AWS and Microsoft Partner Programs, and managing ingest multi-tenant at scale. We also keep an eye on up and coming Security Vendors that may be a great fit for your business model.

Examples of Recent Projects:

  • Blue Cycle introduced a global XDR provider to an Infrastructure as Code SecOps platform to accelerate a refactor of a Global SOC across 3 geographic regions
  • Blue Cycle assisted a North American XDR provider in implementing strategies to leverage the Microsoft Partner program to differentiate their offering, scale their deployment capabilities, and discover internal Microsoft advocates to increase inbound lead generation
  • Blue Cycle led a Product Management and Operational Excellence project with a different Global XDR provider to restructure their customer facing portal to remove new customer onboarding/offboarding friction around data source activation. We also assisted them refactoring their detection engineering process, moving from an adhoc process to a measurable and trackable MITRE ATT&CK®  approach that allows them to demonstrate ongoing value.

Security Data Pipeline / Event Ingest Optimization

Blue Cycle can review your data pipeline/ingest process and recommend architecture and process improvements to simplify and reduce ingest costs. Outcomes include:

  • Filtering and routing of data to multiple use case based destinations (e.g. SIEM and data lake/S3)
  • Transformation and reduction of data
  • Replay of data
  • Manage data sources across 100s, 1000s of tenants

Blue Cycle also has a catalog of Security Product integrations in Python and GoLang to enable non-native data sources into Cribl or other data pipeline tooling. We can enable ingest in AWS, Azure, GCP or Kubernetes.

SecOps Advisory Services

Blue Cycle frequently engages to build and improve upon:

- Security Use Case Design Process/Onboarding
- Detection Engineering Requirements Process
- Data Onboarding Process
- Threat Modeling Process
- SIEM Architecture

Contact Us