Engineering | 6 min readWhat’s it like being a female site reliability engineer?
The tech industry, and engineering positions especially, can be very difficult for women. In this interview, one of Expel’s SREs discusses her career path and lauds the support she’s found here.
Engineering | 5 min readHow we built it: the app that gives our analysts more time to fight cyber evil
Auto-close marketing emails (AME), a feature we built for our SOC, not only frees up time for our analysts, it offers insight into application development using machine learning.
Engineering | 3 min readSuspicious Outlook rules: high-fidelity patterns to watch for
Inbox rule manipulation is hard to accurately alert on since inbox rule creation and management exist for valid reasons. Here’s some tips on how to spot high-fidelity inbox manipulation tactics.
Engineering | 2 min readIntegrations roundup: maximize your existing tech investments
Our integrations portfolio includes 100+ technologies, and we’re always adding to that list. Here are the newest tech integrations we’ve added to our security operations platform, Expel Workbench™.
Engineering | 2 min readTwo new Expel Workbench™ improvements for greater transparency
We’ve released new features in Expel Workbench that improve transparency. These enhancements give you better visibility into your SecOps today, and what’s in store for the platform in the future.
Engineering | 4 min readThe role of artificial intelligence in threat hunting
Artificial intelligence—or, more accurately, machine learning (ML)—is a huge boost for threat hunters thanks to its speed, proactivity, automation, efficiency, and ability to promote collaboration.
Engineering | 1 min readNew Expel Workbench integrations: defend against identity threats
Our latest Integrations with 1Password, Snowflake, Auth0, and Crowdstrike Falcon Identity Protection help protect against identity threats.
Engineering | 8 min readInstrumenting the “big three” managed Kubernetes offerings with Python
What’s the best way to securely access the Kubernetes API for managed offerings like GKE, EKS, and AKS? Each has its own middleware, best practices, and hurdles to clear. In this post, we’ll give you the tools you need to do it yourself.
Engineering | 3 min readIntegrations roundup: new integrations to manage overall business risk
Expel has always used a bring-your-own-tech approach to security operations. Now our integrations are expanding beyond the sphere of cybersecurity and into some of today’s most popular business apps.
Engineering | 5 min read45 minutes to one minute: how we shrunk image deployment time
We recently figured out how to reduce Kubernetes image deployment time from 45 minutes (way too long) to one minute (really fast). Here’s how we did it.
Engineering | 3 min readConnect Hashicorp Vault and Google’s CloudSQL databases: new plugin!
Expel is excited to open source a new Hashicorp Vault plugin that brokers database credentials between Hashicorp Vault and Google’s CloudSQL DBs.
Engineering | 11 min readMigrating to GKE: Preemptible nodes and making space for the Chaos Monkeys
Find out how Expel’s internal teams collaborated to migrate our core infrastructure from a legacy environment to GCP, with no downtime (while also making sure they were prepared for a little chaos).
Engineering | 6 min read5 best practices to get to production readiness with Hashicorp Vault in Kubernetes
Flying blind when it comes to running Hashicorp Vault in Kubernetes? We’ve got you covered. Accelerate your path to production without compromising on security with these tips and best practices.
Engineering | 12 min readBehind the scenes: Building Azure integrations for ASC alerts
Find out how Expel’s internal teams built an integration on top of Azure signal – creating a new detection strategy for ASC that provides more context around alerts and improves customer visibility.
Engineering | 7 min readPlotting booby traps like in Home Alone: Our approach to detection writing
Find out how Expel’s D&R engineers think about detection writing, and how this process helps our SOC analysts make smart decisions and gain a deeper understanding of our customers’ environments.
Engineering | 2 min readAnnouncing Open Source python client (pyexclient) for Expel Workbench
We’re open sourcing a python client in the Expel Workbench! This labor of love will allow our customers to take advantage of our APIs. Find out what the release of the pyexclient project includes.
Engineering | 8 min readThe power of orchestration: how we automated enrichments for AWS alerts
Automation is key when it comes to helping analysts focus on doing what they do best – investigating legitimate threats. Find out how we use orchestration to automate enrichments for AWS alerts.
Engineering | 8 min readTerraforming a better engineering experience with Atlantis
To build something useful you must first understand your users. Find out how Expel used Terraform and Atlantis to build a platform that makes self-service provisioning in cloud infrastructure easy. % %