SOC
SOC | 4 min read
Stories from the SOC: The curious case of termination noticesOur new "Stories from the SOC" series shares real-world attacks we've seen and stopped. This one covers a phishing attack on a university.
SOC | 3 min read
Stories from the SOC: When threats come from inside the houseMDR email coverage is more than just flagging spam to contain threats. Here's what happens when malicious emails come from within an org.
SOC | 7 min read
Stressed SOC? Data’s your best ally to justify more resourcesUse analyst workload metrics and efficiency KPIs data to build a business case for more SOC resources and increased budget.
SOC | 4 min read
Patch Tuesday (Expel’s version): March 2025The March 2025 edition of Patch Tuesday is live, and this month we included ColdFusion vulnerability data Expel has seen recently.
SOC | 1 min read
SOC-ful of gratitude: a Thanksgiving messageEnjoy this special holiday message from Expel employees to our SOC. We're thankful to all of you for protecting our customers!
SOC | 3 min read
Happy Halloween! Cybersecurity horror stories from SOCs pastEnjoy these horror stories from past SOCs, as our analysts share their most haunting tales from previous roles (and get some tips, too).
SOC | 7 min read
Logs your SOC can use every day: a quick reference guideWe pulled the logs our SOC team use daily into a handy quick reference guide for our analysts—and now, you.
SOC | 5 min read
Work with your SOC/MDR in a cybersecurity risk assessmentThere are different kinds of security assessments, and what you perform should be aligned to your organization's goals.
SOC | 8 min read
How much does it cost to build a 24×7 SOC?Not all 24x7 SOCs are created equal. Here we outline four possible security operations centers and an estimate of your costs.
SOC | 4 min read
The SOC organicMDR should be organic. Learn how Expel combines the best automation with human insight to deliver the security your organization needs.
SOC | 2 min read
How we built it: the Expel SOC-in-the-SkyCurious what it takes to turn a hotel ballroom into a 24/7 SOC? Learn how and why we created a "SOC-in-the-Sky" for our company kickoff.
SOC | 3 min read
Touring the modern SOC: where are the dials and blinking lights?An Expel SOC tour isn’t about blinking lights. It's a discussion about mission, mindset, and the operations that make security work.
SOC | 8 min read
How to measure SOC qualityScale your SOC while improving quality. Expel's SOC builders explain the metrics and methods they used to pull it off. Learn how you can too.
SOC | 3 min read
How to make the most of your virtual SOC tourGet an inside look at our SOC from anywhere. Learn what’s included in Expel’s virtual tour and how to maximize your time with our team.
SOC | 10 min read
Performance SOC metrics, part 1: Measuring efficiencyHow do you establish efficient SOC metrics? Understand our team’s approach to setting SOC goals, creating a strategy and measuring success.
SOC | 5 min read
7 habits of highly effective (remote) SOCsSecurity ops is a team sport … but how do you “play” together when your company’s working 100% remotely? Jon’s got some advice.
SOC | 6 min read
7 habits of highly effective SOCsWondering what it takes to build an effective SOC full of motivated, happy analysts? We’ve got some thoughts on that.
SOC | 3 min read
Four habits of highly effective security teamsPractice these habits consistently and you’ll have an engaged, talented and all-around awesome security team.
SOC | 6 min read
How to get the most out of your upcoming SOC tour: making your provider uncomfortableVisiting an MSSP's SOC? Learn how to prepare for your visit to get the best sense of the service you're really buying.
SOC | 8 min read
What “I Love Lucy” teaches us about SOC performanceA little nerdy (and a lot math-y) post to help you better understand your SOC's systems, so you know how changes will impact its operation.
SOC | 4 min read
Mistakes to avoid when measuring SOC performanceDiscover the three most common mistakes companies make when developing their first set of operational metrics.