MDR
MDR | 3 min read
Getting real value from your Palo Alto investment: how Expel MDR transforms security operationsExpel MDR reduces Palo Alto alert noise by 87% with 17-minute response times. Expert 24x7 analysis maximizes your security investment ROI.
MDR | 7 min read
How to sell Expel MDR to your CFO: the complete guideSelling MDR to a CFO is challenging. Use numbers that matter, and be prepared for questions. This guide can help you prepare your proposal.
MDR | 4 min read
The hidden costs of ‘cheaper’ securityBeware of the hidden costs of "cheaper" security, and know what you should ask and pay attention to before switching MDR providers.
MDR | 7 min read
Alert fatigue, burnout, turnover: lather, rinse, repeatMany security orgs are trapped in a difficult cycle. Alert fatigue causes service quality degradation and fuels burnout. Rinse & repeat.
MDR | 5 min read
Insights on the MDR market from the Gartner® Security & Risk SummitExpel attending the Gartner Security & Risk Summit. Here are the insights we gathered on the MDR market post-conference.
MDR | 2 min read
Identity: Your new financial fortress (and who’s trying to log in?)Identity is the new perimeter in cybersecurity, and bad attackers aren't breaking in—they're logging in, and targeting FinServ.
MDR | 6 min read
Scaling detection: When 1 + 1 = 3 (grouping IPs to find bad actors across orgs)Here's an overview of how at Expel, we group large data sets via IP information to identify bad actors working across multiple customers.
MDR | 2 min read
Simplifying Microsoft security with Expel MDRExpel MDR seamlessly integrates with all the Microsoft security tools in your tech stack, from Microsoft Azure to Microsoft 365 and more.
MDR | 4 min read
MDR pricing decoded: what CISOs and security directors need to knowDiscover the hidden costs behind MDR pricing models. Learn what CISOs need to know about managed detection and response pricing, per-endpoint costs, and avoiding 'free' feature traps to make informed MDR cost decisions.
MDR | 2 min read
Join Expel & Forrester for a discussion on threat hunting and detectionJoin Expel & Forrester on May 7 at 2pm ET for a live webinar discussing threat hunting and detection strategies.
MDR | 4 min read
The great SIEM paradox: does more data equal better security?More data doesn't equate to better security. Understand what data belongs in a SIEM (and what doesn't), and how Expel MDR can help.
MDR | 3 min read
Closing the revolving door in security: solving FinServ staffing strugglesExpel can help you maximize your FinServ security team's capabilities with our managed detection and response (MDR) and automation offerings.
MDR | 6 min read
15 criteria Expel rocked a 5/5 score in The Forrester Wave™: MDR Services, Q1 2025Enjoy this complimentary playlist while diving into the fifteen reasons why Expel is the best option when it comes to MDR cloud providers.
MDR | 4 min read
Security data done right: A conversation on MDR, SIEM, and data storageCatch a recap of Expel's conversation with Sumo Logic on the pitfalls of bad data storage habits, and learn how to resolve them with tips.
MDR | 3 min read
How Expel MDR protects your customers and capitalExpel MDR protects customers and capital, and is a great cybersecurity partner for financial institutions and organizations.
MDR | 10 min read
Beware QR code phishing, subscription bombing, and other Grinchy scams this holiday seasonAs the holidays approach, cyber Grinches are phishing for data, credentials, and more. Look out for these email scams and check your inbox this season!
MDR | 9 min read
MDR mythbusters: ten common myths, debunkedWe debunk ten MDR myths to help you make sense of the increasingly complex security landscape and understand cybersecurity alphabet soup.
MDR | 4 min read
Part III: How MDR can transform your SIEM investmentThis is part three of a three-part blog series on how MDR can transform your SIEM investment by augmenting and optimizing its capabilities.
MDR | 4 min read
Part II: How MDR can transform your SIEM investmentThis is part two of a three-part blog series on how MDR can transform your SIEM investment by augmenting and optimizing its capabilities.
MDR | 4 min read
Part I: How MDR can transform your SIEM investmentThis is part one of a three-part blog series on how MDR can transform your SIEM investment by augmenting and optimizing its capabilities.
MDR | 3 min read
AI and security: hype or hope?Now that the dust is settling and the AI picture is getting clearer, it's time to separate fact from fiction.
MDR | 3 min read
How phishing threat actors are using AI: a real world exampleOur phishing team intercepted an email that appears to contain AI-generated code. Here's what it can teach you.
MDR | 3 min read
Making sense of the seismic shifts in the SIEM worldHere's answers to pressing questions about what's happening in the world of SIEM, and what to do if you're asking yourself these questions.
MDR | 3 min read
No honor among ransomware criminalsTake steps to assess your org’s security now, so you can protect yourself from ransomware gangs like BlackCat.
MDR | 7 min read
Transparency in MDR: three use casesTransparency influences everything we do at Expel. Here's why it's a beneficial strategy for your business.
MDR | 3 min read
Let your security maturity be your guideSecurity maturity is critical in determining your SecOps strategy. Learn how an Expel customer determined it was time to add threat hunting.
MDR | 6 min read
Assessing suspicious Outlook rules: an exerciseOutlook Inbox rules are used for legitimate and malicious reasons. Use these case exercises, tips, and tricks on how to analyze them.
MDR | 4 min read
What frameworks and tools drive security maturity?New research by the SANS Institute, commissioned by Expel, outlines the frameworks, tools, and techniques that drive security maturity.
MDR | 3 min read
What outcomes can you expect from security-enabled innovation?Security ROI research shows that security investments drive innovation, which has wide-reaching ripple effects that enable business success.
MDR | 3 min read
When does an org need to up its cybersecurity game?Every company must have an acceptable level of security to earn customer and partner trust as it grows. How do you know when you're there?
MDR | 2 min read
To build or to buy…that is the questionShould I build my own SOC or partner with an MDR provider? There’s a lot more that goes into the answer than dollars and cents alone.
MDR | 2 min read
Risk-based prioritization in vulnerability managementRisk-based, stakeholder-specific vulnerability prioritization can reduce risk and drive results. Learn more with this whitepaper.
MDR | 3 min read
Hypothesis-based threat hunting: the what, why, and howYour threat hunting program should focus on TTPs, holes, and areas of concern around your security posture and create hunts to probe those areas.
MDR | 6 min read
Wake me up, before you log-log (…or when September ends, whichever comes first)Logs are a necessary and useful component in any cybersecurity practice, but when and how you use them can significantly change your security outcomes.
MDR | 3 min read
Red team sneakiness: Splunking for AD certificate abuseRecently we saw a red team operation which included attacks against Active Directory. Here’s how we solved the mystery.
MDR | 2 min read
How MDR complements your SIEM investmentMDR adapts to whatever your SIEM needs to do. Accelerate time-to-value and simplify how you view SIEM security alerts.
MDR | 4 min read
The role of artificial intelligence in threat huntingArtificial intelligence—or, more accurately, machine learning (ML)—is a huge boost for threat hunters. Here's how.
MDR | 4 min read
Vulnerability prioritization improves security, saves time & moneyExpel® Vulnerability Prioritization highlights your most critical vulnerabilities so you can fix them first to reduce risk and prioritize.
MDR | 3 min read
How phishing opens the door to business email compromiseBusiness email compromise shares similarities with phishing emails, but the two are distinct in some important ways. Here's what's different.
MDR | 2 min read
Threat hunting basics: understanding key principlesThreat hunting basics—continuous monitoring, intel-driven, hypothesis testing, and collaboration—help you detect and smother threats faster.
MDR | 2 min read
Risk-based prioritization is the key to your vulnerability management challengesInstead of wasting resources on low-risk vulnerabilities, vulnerability prioritization identifies, prioritizes, and remediates based on relative risk.
MDR | 2 min read
Threat hunting complements MDR for a stronger defensive strategyLearn how an elite MDR operation works with threat hunting to rapidly uncover critical insights and stop threats faster.
MDR | 2 min read
Vulnerability management, prioritization, and assessment: what’s the difference?Prioritize vulnerabilities effectively. Learn how management covers the full lifecycle and why prioritization is key to reducing your risk.
MDR | 4 min read
Expel rides a WaveExpel has been named a Leader in The Forrester Wave™: Managed Detection and Response, Q2 2023. Expel achieved the highest score in the Current Offering category at 4.6.
MDR | 3 min read
New UK cybersecurity report: top 5 findingsExpel’s new survey of UK IT decision makers reveals the primary concerns facing both security leaders and front-line workers.
MDR | 2 min read
Which flavor of MDR is right for your org?Clear up your MDR confusion with the Gartner® Market Guide for Managed Detection and Response Services.
MDR | 3 min read
5 cybersecurity predictions for 2023Gaze into the future of cybersecurity. Our 2023 predictions will help you prepare for the biggest trends and threats on the horizon.
MDR | 4 min read
Attacker-in-the-middle phishing: how attackers bypass MFAA new "attacker-in-the-middle" (AitM) phishing tactic can end-run your MFA defenses. Get our analysis and learn how to protect your org.
MDR | 4 min read
Who ya gonna call (to make the most of your SIEM data)?Import your SIEM into Expel Workbench and turn hours of development into custom rules. Find out why you might not need a SIEM at all.
MDR | 12 min read
Detection and response in action: an end-to-end coverage storyThis dramatized case study illustrates how our MDR, phishing, and threat hunting services work, and most importantly, how they work together.
MDR | 14 min read
MORE_EGGS and Some LinkedIn Resumé SpearphishingThis post details how we recently detected and disarmed a clever LinkedIn resume spearphishing attack.
MDR | 4 min read
How should my MDR provider support my compliance goals?Find out what compliance means in practice and how your MDR provider can support your compliance program, not become a liability.
MDR | 9 min read
12 revealing questions to ask when evaluating an MSSP or MDR vendorWe’ve heard lots of interesting Qs as prospective customers evaluate which MDR provider is right for them... here are the 12 you should be asking.
MDR | 5 min read
How to avoid shelfwareSet yourself up for success by asking these four questions before you purchase new security products. (5 min read)
MDR | 7 min read
From webshell weak signals to meaningful alert in four stepsStop wasting time on weak security signals. Learn how to combine endpoint and network events for a single, actionable alert.
MDR | 3 min read
Get your security tools in order: seven tactics you should knowGet your work right. Learn seven things to consider to bring harmony to your security toolchain and get the equipment you need to succeed.
MDR | 7 min read
How to triage Windows endpoints by asking the right questionsThe three parts of the investigative mindset and how to apply them when you triage endpoint alerts. (8 min read)
MDR | 5 min read
A cheat sheet for managing your next security incidentTactical advice on how to survive a security incident when you don’t have an incident response plan. (6 min read)