EXPEL MDR - EXPEL
Summary of Expel MDR capabilities. Detection. Proactive threat hunting. We go find the attacks your products don’t alert on and which only a human can find. Expel detection rules. High fidelity alerts from Expel-curated rules based on simulated and real-life attacks. XDR alert analysis. API-integration to your cloud services, EDR, network and
A BEGINNER’S GUIDE TO GETTING STARTED IN CYBERSECURITY
There are all sorts of resources out there that’ll help you on the path towards becoming a super-nerdy cyber superhero. Here’s our list of five things you can do to take the first steps to an entry-level technical cybersecurity career. 1. Survey the field.
HOW MUCH DOES IT COST TO BUILD A 24X7 SOC?
Considering even entry-level security analysts command $75,000/year in salary alone, your cost to operate a SOC starts at roughly a million dollars. Beyond people, the next largest impact on your SOC’s efficacy will be your technology and how easy you can make it for your people to use. Any SOC that doesn’t have the right technology to
PERFORMANCE METRICS, PART 1: MEASURING SOC EFFICIENCY
Measure the 95th percentile – not the median: At Expel, when measuring alert latency, we use the 95th percentile. So in essence, our metric helps us understand how long alerts wait before first action 95 percent of the time. If we were to use the median latency, that’d only tell us how long alerts wait 50 percent of the time.
FIREEYE HX SERIES GETTING STARTED GUIDE
G. Select an Assembler from the drop down that has network connectivity to the FireEye HX device (Choose the Assembler you set up in Step 2 of the Getting Started with Expel guide) H. For Name enter the hostname of the FireEye HX device I. For Location enter the geographic location of the appliance J. For Server address enter the FireEye HX device IP and communications port in the
COMMODITY MALWARE
INTRODUCING A MIND MAP FOR AWS INVESTIGATIONS
Check it out. First, it can help analysts see the bigger picture during investigations, so they can quickly identify risk and possible compromise. Full disclosure, the AWS mind map doesn’t cover every API call and the associated ATT&CK tactic. But it can be a resource during incident response and, after remediation, can help you tell the
DAVE MERKEL
Dave Merkel. Dave Merkel (aka “Merk”) is the co-founder of Expel as well as the company’s chief executive officer. He’s ultimately responsible for everything and has been frequently mistaken for Willy Wonka. Dave has been involved in the information security field for nearly 20 years, first as a federal agent pursuing cyber criminals in
DENISE HAYMAN
Denise Hayman. Denise Hayman is our Chief Revenue Officer. If you’re looking to learn more about Expel, chances are that you’ll be talking to her or someone on her team. She’s also passionate about making sure that your experience is better than it was for any other security product you’ve bought. She comes to Expel with more than 25
EXPEL - TRANSPARENT SOC AS A SERVICE
Take a quick scroll through an overview of Expel's transparent SOC-as-a-Service offering and see how we provide 24x7 detection, response and resilience.
EXPEL WORKBENCH FOR AWS
Expel Workbench uses API integrations to connect directly with your AWS instance to pull CloudTrail data from S3 and access services like GuardDuty and Amazon Inspector. Our bots, Josie™ and Ruxie™, get to work and automatically enrich and triage alerts, surfacing up Expel-validated alerts. When we notify you about an alert you’ll get
COME SEA HOW WE TACKLE PHISHING: EXPEL’S PHISHING
It’s tough to stay afloat when you’re drowning in phishing emails. While it’s great that users are submitting suspicious-looking emails, you need to be able to glean meaningful information from all the data in those suspicious submissions.
SO YOU’RE A MANAGER. CONGRATS! NOW WHAT?
The “Making of a Manager” book club: A book club?! Yeah, a book club. But not the kind your grandma goes to with her bridge group. To start our 2020 program, we gave our people managers copies of The Making of a Manager by Julie Zhuo. Managers divided into groups to discuss what they took away from the book, reading a few chapters each week.
PERFORMANCE METRICS, PART 2: KEEPING THINGS UNDER CONTROL
Performance metrics, part 2: Keeping things under control. Metrics aren’t just for status reports, mmmkay. Effective SOC managers embrace data and use metrics to spot and fix problems. At Expel, reviewing metrics and adjusting is how we take care of the team – and our customers! In this part-two installment of our three-part blog series on
EVILGINX-ING INTO THE CLOUD: HOW WE DETECTED A RED TEAM
Before the cloud was a thing, red teams had a lot of similarities: The crafty “attackers” phished a user with a malicious document with a backdoor, grabbed some Microsoft credentials and pressed a big flashing “keys to the kingdom” button to achieve their objective.
REGISTER FOR THE WEBCAST
Making the most out of your Microsoft security stack June 22, 2021 2:00-2:30pm ET
ANNOUNCING OPEN SOURCE PYTHON CLIENT (PYEXCLIENT) FOR
Today we’re announcing the release of pyexclient, a Python client for the Expel Workbench. We’ve built on our learnings over the past few years and have beefed it up with documentation and lots of examples. With the release of pyexclient we’re including: Snippets: we’re releasing 25+ code snippets that give, in a few lines each
EXABEAM: AN INCIDENT INVESTIGATOR’S CHEAT CODE
Exabeam: an incident investigator’s cheat code. If you were to ask any SOC analyst their preferred tool of the trade, just about all of them would tell you how much they love using EDR (Endpoint Detection and Response) tools. I’d say the same. Seventy percent of all compromises still originate at the endpoint, and EDR tools provide the
EXPEL HUNTING
Proactively hunt for unexpected activity. (a.k.a. spotting the camouflage) When you’re looking for attackers and the alarms didn’t go off, it can be difficult to know where to start. In addition to your MDR, you need a multi-layered security approach. With Expel Hunting, we pull data from your security tech, detect attacker activity, fill
PARTNER RESOURCES
Learn more about Partner Resources with Expel. MDR services offer turnkey threat detection and response via modern, remotely delivered, 24/7 security operations center capabilities and technology.
DARKTRACE DIRECT GETTING STARTED GUIDE
G. Select an Assembler from the drop down (Choose the Assembler you set up in Step 2 of the Getting Started with Expel guide) H. Enter Name and Location I. For private key, enter the private token used to authenticate to the device, from Step 2, Letter D J. For public key, enter the API token used to authenticate to the device, from Step 2, Letter D
THE FORRESTER WAVE REPORT: WHAT IS THE FORRESTER WAVE
What’s inside. This report is a guide for buyers considering Managed Detection and Response providers. Forrester analysts follow a publicly available methodology. Download the report to learn: How Expel stacks up: The Wave™ ranks Expel alongside the 14 other most significant vendors, helping you
ABOUT EXPEL
Justin Bajko is a co-founder of Expel as well as our VP of Strategy and Business Development. It’s Justin’s job to stay close to our customers and partners and make sure that we’re heading in the right direction. He also spends a good bit of his free time fretting about
EXPEL MDR PRICING
Pricing. Our pricing is simple. It’s based on how many endpoints, resources and accounts you’re trying to protect. You choose what you’d like us to monitor and we’ll provide 24x7 service in yearly increments. We don’t nickel and dime you with add-on features. And there’s no extra charge for us to monitor more security applications
GETTING STARTED GUIDES
SIEM. Devo (LogTrust) onboarding guide. Exabeam Advanced Analytics getting started guide. QRadar onboarding guide. Securonix getting started guide. Splunk
WHAT IS DARKTRACE? BENEFITS, FEATURES & EXPEL PLATFORM
Investigating Darktrace alerts for lateral movement. Expel analysts get to use a lot of really cool technology including Darktrace and Carbon Black (Cb Response). It’s one of the perks of delivering a service that integrates with so many tools. Each product we use is critical to an investigation. But they provide value in different ways.
MICROSOFT DEFENDER ADVANCED THREAT PROTECTION GETTING
C. Under Manage, select Users (Figure 2) D. Select New guest user (Figure 3) E. On the New user page, select Invite user, fill out the email address (expel_analyst@expel.io), and optionally include a message (Figure 4)
FIVE TIPS FOR IMPROVING YOUR DATA INGESTION AND AUDITING
Tip 5: Use distributed tracing. Distributed tracing (we use Stackdriver Trace for this) is essential to follow the life cycle of a piece of data. This lets you know where that data is at all times. If your auditing process tells you a piece of data might be missing, you have to find a way to confirm whether that’s true.
HOW PUBLIC-PRIVATE PARTNERSHIPS CAN SUPPORT ELECTION
Imagine a public-private partnership — yes, this is an overused phrase and even a “dirty word” in some circles — between U.S. government entities “in the know” and cybersecurity companies that have visibility into global networks with the specific purpose of sharing information around election integrity. While there are pockets of
EXPEL, INC. STATUS
Expel, Inc. Status. Workbench availability Operational. Workbench global network connectivity Operational. Workbench login Operational. Workbench features Operational. Investigative actions Operational. File uploads Operational. Email notifications
EXPEL - TRANSPARENT SOC AS A SERVICEWHAT WE DOWORKING WITH USFOR OUR CUSTOMERSABOUT EXPELBLOGCONTACT US Take a quick scroll through an overview of Expel's transparent SOC-as-a-Service offering and see how we provide 24x7 detection, response and resilience.EXPEL MDR - EXPEL
Looking for a security makeover but don’t want a traditional SOC? We improve your security fast (hours or days not months). It’ll be cheaper than DIY, the quality of our response is stellar (just ask our customers) and when investigations turn to incidents our median alert-to-fix timelines are shorter than the time it takes to deliver apizza.
PARTNER RESOURCES
Learn more about Partner Resources with Expel. MDR services offer turnkey threat detection and response via modern, remotely delivered, 24/7 security operations center capabilities and technology. A BEGINNER’S GUIDE TO GETTING STARTED IN CYBERSECURITY There’s this Chef, Auguste Gusteau, who authors “ Anyone Can Cook.”Throughout the movie, you’re made to believe that the message of the book (and the movie) is that literally anyone canbecome a
COMMODITY MALWARE
HOW MUCH DOES IT COST TO BUILD A 24X7 SOC? Not all 24x7 SOCs are created equal. To figure out how much it costs to go 24x7, you have to first figure out what kind of SOC you’re trying to build. We outline four possible security operations centers and an estimate of your costs. INTRODUCING A MIND MAP FOR AWS INVESTIGATIONS We’ve been doing a lot of investigations in AWS using CloudTrail logs and have been noticing some interesting things along the way. Sowe created an
NIST CSF DASHBOARD AND OTHER NEW STUFF
HOW PUBLIC-PRIVATE PARTNERSHIPS CAN SUPPORT ELECTION
Election security measures (or lack thereof) are making headlines. How can private sector orgs contribute to public sector security? Our CISO Bruce Potter’s got some ideas.
12 REVEALING QUESTIONS TO ASK WHEN EVALUATING AN MSSP OR
Over the last 20 years, we’ve heard all kinds of interesting questions as prospective customers evaluate which type of managed cybersecurity service is right for them.
ABOUT EXPEL
How we got started (not in a garage but in a barn)
It was a tweet. ¯\_(ツ)_/¯ Seriously, when co-founders Dave Merkel, Yanek Korff and Justin Bajko saw @rickhholland tweet back in late 2015 that MSSP customers had endured “the customer service equiv. of taxi drivers” they saw an opportunity.
EXPEL WORKBENCH FOR AWS
Expel Workbench for AWS (‘cause who wants to play Where’s Waldo with AWS logs) Spending hours (or days) digging through a monotonous pile of logs probably isn’t high on your to-do list.
COME SEA HOW WE TACKLE PHISHING: EXPEL’S PHISHING
It’s tough to stay afloat when you’re drowning in phishing emails. While it’s great that users are submitting suspicious-looking emails, you need to be able to glean meaningful information from all the data in those suspicious submissions.
THE FORRESTER WAVE REPORT: WHAT IS THE FORRESTER WAVE
Get the Forrester Wave Report for Managed Detection & Response from Expel, a leader in The Wave™. See how we stack up against 14 significant vendors.
INTRODUCING A MIND MAP FOR AWS INVESTIGATIONS
First, it can help analysts see the bigger picture during investigations, so they can quickly identify risk and possible compromise. Full disclosure, the AWS mind map doesn’t cover every API call and the associated ATT&CK tactic.
PERFORMANCE METRICS, PART 1: MEASURING SOC EFFICIENCY
Over the July 4th holiday weekend our SOC spotted a coin-mining attack in a customer’s Amazon Web Services (AWS) environment. The attacker compromised the root IAM user access key and used it to enumerate the environment and spin up ten (10) c5.4xlarge
EXPEL, INC. STATUS
Welcome to Expel, Inc.'s home for real-time and historical data on system performance.
DAVE MERKEL
Dave Merkel (aka “Merk”) is the co-founder of Expel as well as the company’s chief executive officer. He’s ultimately responsible for everything and has been frequently mistaken for Willy Wonka. Dave has been involved in the information security field for nearly 20 years, first as a federal agent pursuing cyber criminals in
EXPEL - TRANSPARENT SOC AS A SERVICE
Expel - Transparent SOC as a service. Expel is a Leader in The Forrester Wave™: Managed Detection And Response, Q1 2021. Get the report.
ABOUT EXPEL
Justin Bajko is a co-founder of Expel as well as our VP of Strategy and Business Development. It’s Justin’s job to stay close to our customers and partners and make sure that we’re heading in the right direction. He also spends a good bit of his free time fretting about
SAAS APPS - EXPEL
Detecting business email compromise (BEC) is just the start. We’ve got you covered when it comes to BEC. And we’re also looking for other signs like risky config changes, logins via proxy servers and attempts to bypass MFA. In fact, our detection strategy is built specifically for each SaaS app. SaaS apps we support. Productivity. Gmail
MAKING SENSE OF AMAZON GUARDDUTY ALERTS
Amazon GuardDuty is a continuous threat monitoring service available to AWS customers that works by consuming CloudTrail logs (AWS native API logging), Virtual Private Cloud (VPC) flow logs and DNS logs. Fortunately, CloudTrail logging is enabled by default — and you don’t even have to pay for VPC flow logs or Amazon Route 53 (AWS DNS) to benefit from GuardDuty as long as you’re using an
EXPEL WORKBENCH FOR AWS
Expel Workbench uses API integrations to connect directly with your AWS instance to pull CloudTrail data from S3 and access services like GuardDuty and Amazon Inspector. Our bots, Josie™ and Ruxie™, get to work and automatically enrich and triage alerts, surfacing up Expel-validated alerts. When we notify you about an alert you’ll get
GETTING STARTED GUIDES
SIEM. Devo (LogTrust) onboarding guide. Exabeam Advanced Analytics getting started guide. QRadar onboarding guide. Securonix getting started guide. Splunk
DARKTRACE DIRECT GETTING STARTED GUIDE
G. Select an Assembler from the drop down (Choose the Assembler you set up in Step 2 of the Getting Started with Expel guide)
H. Enter Name and Location
I. For private key, enter the private token used to authenticate to the device, from Step 2, Letter D
J. For public key, enter the API token used to authenticate to the device, from Step 2, Letter D
RESOURCES - EXPEL
Peruse our resource center to learn about Expel, download customer documentation, and read our latest release notes
SOC AS A SERVICE
So what is SOC-as-a-Service? (a different kind of SaaS ☺) SOC-as-a-Service solutions (sometimes called a virtual SOC) provide new options that go well beyond traditional managed security services.
INTRODUCING A MIND MAP FOR AWS INVESTIGATIONS
Check it out. First, it can help analysts see the bigger picture during investigations, so they can quickly identify risk and possible compromise. Full disclosure, the AWS mind map doesn’t cover every API call and the associated ATT&CK tactic. But it can be a resource during incident response and, after remediation, can help you tell the
SIGNS OF BUSINESS EMAIL COMPROMISE (BEC) PHISHING ATTACKS
Business email compromise (BEC) is a sophisticated, email-based scam targeting organizations and individuals just about everywhere. Many people think that BEC is only associated with wire transfer fraud, but the reality is that BEC is much more than that. It’s really an umbrella term that includes things like W2 scams, romance scams, real
HOW TO TRIAGE WINDOWS ENDPOINTS BY ASKING THE RIGHT
Be wary of making conclusions based solely on your search results. 2. Ask the right questions. I often find that inexperienced analysts pull back the same sources of evidence, regardless of their investigative lead. Usually, it’s because there’s no process to guide the way they triage an alert and ensure they get a complete picture.
WHAT "I LOVE LUCY" TEACHES US ABOUT SOC PERFORMANCE
What “I Love Lucy” teaches us about SOC performance. In September 1952, “I Love Lucy’s” Lucy and Ethel decided to go to work in a candy factory. They were placed on an assembly line and told to individually wrap chocolates as they passed by. “If any of these end up in the packing room unwrapped, you’ll both be fired,” the
ABOUT EXPEL
Yanek Korff is a co-founder of Expel as well as the company’s chief operating officer (COO). In addition to paying the bills and counting beans, Yanek makes it easy
SIGNS OF BUSINESS EMAIL COMPROMISE (BEC) PHISHING ATTACKS
Learn what business email compromise is, BEC scams categories, and how to prevent or identify these spam phishing attacks in Office 365 including mailbox rule examples and more.
HOW TO TRIAGE WINDOWS ENDPOINTS BY ASKING THE RIGHT
Mindset over matter. As security practitioners, it’s important to remember that alerts are only the beginning, not the end, of finding evil. Alerts are simply investigative leads, not security answers.
DENISE HAYMAN
Denise manages the team that helps future clients understand how Expel improves their security and makes them happier. She’s also a trier of new things from crossfit to jewelry making (and now meditation which she’s not overly patient with). Denise
EXPEL IS A LEADER IN THE FORRESTER WAVE™: MANAGED DETECTION AND RESPONSE, Q1 2021
OUR CUSTOMERS
AZURE GUIDEBOOK: BUILDING A DETECTION AND RESPONSE STRATEGY
If you’re new to Microsoft Azure – or you want to pour some “go fast” on the process of setting up your security monitoring in this popular cloud platform – we’ve got your back.
FAST DETECTION, WITH CLEAR ANSWERS
When we spot critical attacks, we go from alert-to-triage in less than 3 minutes. And give you the answers you need, written in plain English.
[Diagram labels: Your existing investments (cloud infrastructure, cloud apps, endpoint, network, SIEM); Expel Workbench™; Expel analysts; Answers]
GET FULL TRANSPARENCY
We provide you with the root cause, what occurred and how to protect against future attacker activity.
* What is it?
* Where is it?
* When did it get here?
* How did it get here?
* How did we detect it?
* What actions should we take?
YOU CHOOSE YOUR OWN SECURITY TECH. WE MAKE IT WORK HARDER.
We’re constantly adding to this list, so if you have other tools that do similar things let’s talk.
RESILIENCE RECOMMENDATIONS MEASURABLY IMPROVE YOUR SECURITY
Our analysts provide specific recommendations based on data from your environment and past trends.
WE’LL HELP YOU BREAK UP WITH YOUR PROVIDER (or avoid that frustration in the first place)
SOC-AS-A-SERVICE
_Get the capabilities of a modern security operations center without the investment_
REPLACE YOUR MSSP
_See what your managed security services relationship could look like_
DETECT AND RESPOND
_Learn how our managed detection and response (MDR) service works with your team_
BEHIND THE SCENES IN THE EXPEL SOC: ALERT-TO-FIX IN AWS
Over the July 4th holiday weekend our SOC spotted a coin-mining attack in a customer’s Amazon Web Services (AWS) environment. The attacker compromised…
THE TRANSPARENT MANAGED SECURITY HANDBOOK
Learn what transparent managed security is, how it compares to other approaches and the role it plays in helping to improve your security
HOW MUCH DOES IT COST TO BUILD A 24X7 SOC?
The phone rings. It’s your boss. “How much is it going to cost us to take our SOC to 24x7?!” It sounds urgent. Turns out he’s calling because he…
READY TO TALK TO A HUMAN?
When you tell us you’re ready, we won’t waste your time. Let us know what you’re looking for and we’ll have someone get in touch who can talk tech.
844.397.3524
Copyright © 2024 ArchiveBay.com. All rights reserved. Terms of Use | Privacy Policy | DMCA | 2021 | Feedback | Advertising | RSS 2.0