Security operations · 2 MIN READ · PATRICK DUFFY · NOV 28, 2023 · TAGS: MDR / SOC / Tech tools
Managed security services can often feel like a black box. Workbench’s History shows every investigative action in a single thread, from the moment it was triaged through its closure.
Lacking full visibility into a managed detection and response (MDR) team’s work can leave security teams feeling like they’re in the dark, unsure about the quality of analysis happening. And we know that transparency is essential when evaluating MDR vendors because you need to know the value they are providing..
At Expel, we think of ourselves as your partner—we work with you to protect your org from security threats. Part of this partnership requires a clear understanding of all the work that Expel Workbench™ and our security analysts are doing to protect you. To that end, we’re excited to introduce updates to our History feature in Workbench. This feature makes it easier for you and your teams to understand the work we’re doing behind the scenes, so you can spend less time managing an MDR and more time on strategic initiatives.
So what’s new with History?
Previously, investigative actions of an alert and incident could be seen in the History view in Workbench. We’ve redesigned this functionality—adding even more details and making it easier to use. History now clearly shows the details which led to the alert being raised as an incident or dismissed as a non-threat. Additionally, you get a chronological list of events and actions our analysts took, giving you greater transparency so you’re not left wondering what the heck we’re doing behind the scenes.
Workbench’s History presents every analyst investigative action in a single thread, from the moment it was triaged through an incident’s closure. You can see clear and approachable descriptions of each action, making it easy to follow what was done to come to a conclusion. Additionally, you can see the results of actions taken from Workbench with the click of a button, contextualizing the work done and the reasons for making a specific determination. By providing this next level of transparency, security teams can rest assured of the investigative quality happening around their environment and spend less time managing their MDR.
We think this is pretty cool. No other security operations provider affords this much visibility into their MDR work, and it’s a testament to the confidence we have in our abilities, as well as the strength of the relationships we have with our customers. We hope you’ll check out the updated History feature, which is now live and active in Workbench.
Interested in learning more about Expel Workbench? Drop us a line.