Engineering

Not sure if you should build your own hunting capability or get a hunting partner? Check out this post to discover your options and the things you should consider (yes, we break down cost for you).

Find out how Expel’s internal teams collaborated to migrate our core infrastructure from a legacy environment to GCP, with no downtime (while also making sure they were prepared for a little chaos).

Flying blind when it comes to running Hashicorp Vault in Kubernetes? We’ve got you covered. Accelerate your path to production without compromising on security with these tips and best practices.

Migrating to Kubernetes as Expel’s core engineering platform with zero downtime – and without interfering with our analysts’ workflow – is a tall order. But our engineers pulled it off. Find out how.

Find out how Expel’s internal teams built an integration on top of Azure signal – creating a new detection strategy for ASC that provides more context around alerts and improves customer visibility.

Find out how Expel’s D&R engineers think about detection writing, and how this process helps our SOC analysts make smart decisions and gain a deeper understanding of our customers’ environments.

We’re open sourcing a python client in the Expel Workbench! This labor of love will allow our customers to take advantage of our APIs. Find out what the release of the pyexclient project includes.

Automation is key when it comes to helping analysts focus on doing what they do best – investigating legitimate threats. Find out how we use orchestration to automate enrichments for AWS alerts.

To build something useful you must first understand your users. Find out how Expel used Terraform and Atlantis to build a platform that makes self-service provisioning in cloud infrastructure easy.