Security operations
Expel rides a Wave

Forrester recently invited Expel and a number of other cybersecurity companies to participate in research for its report, The Forrester Wave™: Managed Detection and Response, Q2 2023, and we jumped at the…

Security operations | 1 min read
Security alert: zero-day vulnerability CVE-2023-4863 in libwebp (WebP) library

CVE-2023-4863 is a zero-day vulnerability in libwebp, which can result in arbitrary command execution when exploited. Here’s why it matters and what to do.

Engineering | 2 min read
Integrations roundup: maximize your existing tech investments

Our integrations portfolio includes 100+ technologies, and we’re always adding to that list. Here are the newest tech integrations we’ve added to our security operations platform, Expel Workbench™.

Security operations | 3 min read
Proactive threat hunting: the what, why, and how

Your threat hunting program should focus on TTPs, holes, and areas of concern around your security posture, and create hunts to probe those areas.

Security operations | 6 min read
Wake me up, before you log-log (…or when September ends, whichever comes first)

Logs are a necessary and useful component in any cybersecurity practice, but when and how you use them can significantly change your security outcomes.

Security operations | 3 min read
Red team sneakiness: Splunking for AD certificate abuse

Recently we saw a red team operation that included attacks against Active Directory, and none of our detections picked them up. Here’s how we solved the mystery.

Engineering | 2 min read
Two new Expel Workbench™ improvements for greater transparency

We’ve released new features in Expel Workbench that improve transparency. These enhancements give you better visibility into your SecOps today, and what’s in store for the platform in the future.

Security operations | 3 min read
New partner program grows businesses, brands, relationships

Our approach serves the partner community by helping extract additional value from existing security investments and making them work harder. This way, partners can deliver additional value to their customers.

Security operations | 4 min read
AiTM/business email compromise attacks: what to watch for

One of the most common ways attackers defeat MFA is by using an AiTM credential harvester. Here we outline the most common tactics and provide advice on how to short-circuit this dangerous attack.

Security operations | 2 min read
Cyberattackers evolve: the Quarterly Threat Report for Q2 2023

Our Q2 2023 Quarterly Threat Report examines the rise of commodity malware, AiTM phishing techniques, and the impact of new (and old) software vulnerabilities.

Security operations | 2 min read
How MDR complements your SIEM investment

MDR adapts to whatever your SIEM needs to do. Accelerate time-to-value and simplify how you view SIEM security alerts, so that you get the answers you need sooner and more time back for your team.

Expel insider | 2 min read
Black Hat 2023 roundup: a week to reflect on

Black Hat USA 2023 is a wrap, and it focused on some big issues—AI and what to do about the industry’s skills gap, for example. Also, we rolled out our new vulnerability prioritization offering.

Talent | 3 min read
20 tips for aspiring security operations center analysts

Candor, curiosity, passion for learning, humility, empathy, and being a good teammate can take a prospective security analyst far.