Introducing Expel for phishing

· 2 MIN READ · PETER SILBERMAN · OCT 13, 2020 · TAGS: Company news / MDR

If you’ve worked in cybersecurity for a hot second, then you know crafty attackers are always busy dreaming up new ways to compromise your org – whether it’s through your AWS environment or man-in-the-middle-ing your CEO’s credentials.

Yet one of the oldest (and still effective) tricks in the book for getting inside an org is through its employees’ inboxes.

Yep, we’re talking about phishing.

Chances are, you’ve invested time to train your employees to have a keen eye for suspicious emails. If you’ve been successful, they’re slamming that phish button every time a malicious email lands in their inbox. And your phishing simulations are seeing good success rates.


And now your team needs to review and investigate every single one of those emails that are reported. *Record scratch*

It’s time consuming, tedious and it’s keeping your talented analysts from focusing on the more strategic security work you hired them to do.

Finding ways to triage an abundance of phishing emails while still keeping your analysts happy and engaged isn’t an easy task. In fact, we hear it all the time from our customers that it’s something they struggle with.

Which is exactly why we created Expel for Phishing.

How Expel’s managed phishing service works

There are plenty of products out there to help triage phishing emails.

So what makes us different?

While other phishing products also surface emails they believe to be phishing, they typically stop there.

But Expel takes it a step further. Our analysts have eyes on every email that is either directly forwarded to us or is delivered through a “report phishing” button.

From there, we determine if the email is indeed a legitimate phishing attempt.

And then Expel for Phishing keeps going. When we find an email that’s a phishing attack, we use your endpoint detection and response (EDR) tool to see what the user did, if they’re compromised and if anyone else clicked on the email.

From there, we provide you with a detailed report that includes remediation recommendations – including exactly which employees clicked on the malicious email and what you need to do to shut those attackers down.

If you’re more of a visual learner, here’s a peek at the process we just described:

Expel managed phishing process

Like any other services from Expel, our analysts keep you in the loop throughout the investigation and remediation processes through a dedicated Slack channel and the Expel Workbench.

Drowning in phishing emails?

Let us throw you a line.

We’re excited to help orgs of all shapes and sizes manage their phishing emails, letting their security teams get back to focusing on the security work they love.

If you’d like to find out more, check out our Expel for phishing page.