Engineering | 1 min read
So long, 2022! Our year in review

To mark the end of 2022 and the beginning of 2023, we’ve curated some of our favorite blog posts from the past 12 months.

Engineering | 5 min read
45 minutes to one minute: how we shrunk image deployment time

We recently figured out how to reduce Kubernetes image deployment time from 45 minutes (way too long) to one minute (really fast). Here’s how we did it.

Engineering | 3 min read
Connect Hashicorp Vault and Google’s CloudSQL databases: new plugin!

Expel is excited to open source a new Hashicorp Vault plugin that brokers database credentials between Hashicorp Vault and Google’s CloudSQL DBs.

Engineering | 5 min read
Threat hunting: Build or buy?

Not sure if you should build your own hunting capability or get a hunting partner? Check out this post to discover your options and the things you should consider (yes, we break down cost for you).

Engineering | 12 min read
Migrating to GKE: Preemptible nodes and making space for the Chaos Monkeys

Find out how Expel’s internal teams collaborated to migrate our core infrastructure from a legacy environment to GCP, with no downtime (while also making sure they were prepared for a little chaos).

Engineering | 6 min read
5 best practices to get to production readiness with Hashicorp Vault in Kubernetes

Flying blind when it comes to running Hashicorp Vault in Kubernetes? We’ve got you covered. Accelerate your path to production without compromising on security with these tips and best practices.

Engineering | 8 min read
Containerizing key pipeline with zero downtime

Migrating to Kubernetes as Expel’s core engineering platform with zero downtime – and without interfering with our analysts’ workflow – is a tall order. But our engineers pulled it off. Find out how.

Engineering | 12 min read
Behind the scenes: Building Azure integrations for ASC alerts

Find out how Expel’s internal teams built an integration on top of Azure signal – creating a new detection strategy for ASC that provides more context around alerts and improves customer visibility.

Engineering | 7 min read
Plotting booby traps like in Home Alone: Our approach to detection writing

Find out how Expel’s D&R engineers think about detection writing, and how this process helps our SOC analysts make smart decisions and gain a deeper understanding of our customers’ environments.

Engineering | 2 min read
Announcing Open Source python client (pyexclient) for Expel Workbench

We’re open sourcing a python client in the Expel Workbench! This labor of love will allow our customers to take advantage of our APIs. Find out what the release of the pyexclient project includes.

Engineering | 8 min read
The power of orchestration: how we automated enrichments for AWS alerts

Automation is key when it comes to helping analysts focus on doing what they do best – investigating legitimate threats. Find out how we use orchestration to automate enrichments for AWS alerts.

Engineering | 8 min read
Terraforming a better engineering experience with Atlantis

To build something useful you must first understand your users. Find out how Expel used Terraform and Atlantis to build a platform that makes self-service provisioning in cloud infrastructure easy. % %