Security operations
Expel rides a Wave

Forrester recently invited Expel and a number of other cybersecurity companies to participate in research for its report, The Forrester Wave™: Managed Detection and Response, Q2 2023, and we jumped at the…

Security operations | 2 min read
Patch Tuesday roundup for March 2024

The March 2024 Patch Tuesday included 60 CVEs from Microsoft and a macOS Sonoma Security Update to address 68 CVEs from Apple. Here’s what our team recommends to reduce exploit risk.

Security operations | 8 min read
How to get started with the NIST Cybersecurity Framework (CSF) 2.0

We give you a quick tour of the NIST CSF and describe how you can baseline your efforts in a couple of hours. So check it out.

Security operations | 2 min read
Security alert: Ivanti Connect Secure and Policy Secure zero-day vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) believes threat actors are exploiting Ivanti Connect Secure and Policy Secure zero-day vulnerabilities. Here's what to know.

Security operations | 2 min read
Security alert: ConnectWise ScreenConnect 23.9.8 security fix

Vulnerabilities affecting ConnectWise versions 23.9.7 and prior leave self-hosted and on-premise ScreenConnect instances exposed to attackers. Here’s what happened and what you can do about it now.

Security operations | 4 min read
Automated remediation: benefits and customization

Auto remediation represents substantial benefits, including cost savings and faster response times, but one size doesn’t fit all. Your solution should be customizable for your specific environment.

Security operations | 2 min read
Why is NIST adding Governance to the NIST CSF 2.0?

As the security industry waits for NIST CSF 2.0 to publish, you might be asking yourself why NIST is adding more guidance around governance. We shed some light on the question and share what we know.

Security operations | 1 min read
GKE/Gmail vulnerability: notes and tips

Security researchers have discovered a new Google Kubernetes Engine misconfiguration. Here’s what you need to know.

Security operations | 7 min read
Transparency in MDR: three use cases

Transparency is one of our core tenets. It influences how we built our products, how we interact with each other, how we design our compensation systems, and how we work with our customers and prospects.

Security operations | 3 min read
2024 Annual Threat Report: findings and predictions

This year’s Annual Threat Report describes the major attack trends we saw last year and offers advice to safeguard your org. Some of our top security minds also make predictions for 2024.

Security operations | 3 min read
Let your security maturity be your guide

Security maturity plays a big role in determining how your SecOps strategy evolves. Learn how an Expel customer determined it was the right time to add threat hunting to his repertoire.

Security operations | 3 min read
New mind maps & cheat sheets: Azure & Kubernetes

Our new Kubernetes mind map/cheat sheet makes it easier for you to know which API calls are associated with different MITRE ATT&CK tactics in k8s environments.

Security operations | 6 min read
Assessing suspicious Outlook rules: an exercise

Outlook Inbox rules are used for legitimate and malicious reasons alike. Here are some actual case exercises, tips, and tricks on how to analyze them using the rule’s conditions alone.