Planning
Security operations | 2 min read
Five security takeaways for Cybersecurity Awareness Month (and every month)
Expel analyst Aaron Walton was featured in Guidepoint Security's blog for Cybersecurity Awareness Month, and shared thoughts with other SOC members.
Expel insider | 3 min read
A recap: Expel’s 2024 Black Hat experience
Black Hat 2024 is over, and the big themes this year were vulnerabilities, election infrastructure, and evaluating security maturity. Also, we debuted our new burnout ebook.
Security operations | 8 min read
How to get started with the NIST Cybersecurity Framework (CSF) 2.0
We give you a quick tour of the NIST CSF and describe how you can baseline your efforts in a couple of hours. So check it out.
Security operations | 3 min read
What outcomes can you expect from security-enabled innovation?
Security ROI is about a lot more than dollars and cents. The research shows that security investments drive innovation, which has wide-reaching ripple effects that enable business success.
Security operations | 8 min read
How much does it cost to build a 24×7 SOC?
Not all 24x7 SOCs are created equal. Here we outline four possible security operations centers and an estimate of your costs.
Tips | 6 min read
6 things to do before you bring in a red team
Red team engagements are essential to helping your SOC analysts stay battle ready. But before screaming, “CHARGE,” here are six things you should do to prepare for taking on a red team.
Security operations | 3 min read
Election security: Why to care and what to do about it
Whether you work in security or are an informed voter (or both!), the security of our election ecosystem is everybody’s business. Here are the challenges our system faces and what we can do about them.
Security operations | 2 min read
NIST CSF: A new interactive tool to track your progress
There’s lots to like about the NIST CSF. Here are our practical tips for how to use it, plus a preview of a new NIST feature we introduced in Expel Workbench™.
Security operations | 6 min read
Exabeam: an incident investigator’s cheat code
We love EDR tools too, but here are our best tips and tricks for combining EDR data with other (equally) important security signals.
Security operations | 8 min read
Why the cloud is probably more secure than your on-prem environment
Is your data really safer in the server room next door? Probably not. Here are five reasons why the cloud offers better security than your on-prem environment.
Talent | 6 min read
7 habits of highly effective SOCs
Wondering what it takes to build an effective SOC full of motivated, happy analysts? We’ve got some thoughts on that.
Security operations | 10 min read
Applying the NIST CSF to U.S. election security
NIST isn’t only useful for corporations -- it’s helpful for guiding security activities around processes like our national elections. Our CISO’s got some thoughts on exactly how to apply NIST to election security.
Tips | 4 min read
5 tips for writing a cybersecurity policy that doesn’t suck
All good cybersecurity policies share some similar traits. Here are our pro tips for creating a solid policy for your own org.
Security operations | 6 min read
Five things law firms can do now to improve their security for tomorrow
Relativity CSO Amanda Fennell shares the top five, easy-to-get-started things she sees forward-thinking law firms doing to improve their security.
Security operations | 8 min read
Our journey to JupyterHub and beyond
If you use or are considering trying JupyterHub, it’s your lucky day -- we’re sharing configuration tips and tricks, how we’re using it to make technical research easier, and much more.
Security operations | 4 min read
3 must-dos when you’re starting a threat hunting program
So you decided you want to build a threat hunting program ... but where do you start? Here are our three must-dos when you’re planning your hunt.
Security operations | 8 min read
The top five pitfalls to avoid when implementing SOAR
SOAR isn’t really about “orchestration and response.” It’s an engineering problem at its core. Here’s why.
Security operations | 5 min read
This is how you should be thinking about cloud security
Your IT team isn’t racking and stacking servers like they used to, but cracking the cloud security code is easier than you think. Get our pro tips for doing just that.
Security operations | 4 min read
Don’t blow it — 5 ways to make the most of the chance to revamp your security posture
If you’ve got a blank canvas with the opportunity to build a security program from scratch, here’s how to get started and make the most of your new program.
Security operations | 4 min read
NIST’s new framework: Riding the wave of re-imagining privacy
The NIST Privacy Framework will revolutionize how we think about privacy. Here’s how your org might use it.
Security operations | 3 min read
Four habits of highly effective security teams
Practice these habits consistently and you’ll have an engaged, talented and all-around awesome security team.
Security operations | 4 min read
How to get your security tool chest in order when you’re growing like crazy
Need to expand your security tool chest? Our CISO’s got some tips to consider when thinking about what tech to keep or buy.
Tips | 4 min read
Four common infosec legal risks and how to mitigate them
There are four missteps we see happen often that open fast-growing companies up to unnecessary legal risks -- here’s how to course correct.
Tips | 6 min read
Dear fellow CEO: do these seven things to improve your org’s security posture
Need to get the security train back on the tracks? Our CEO’s got some pro tips on improving your org’s security ASAP.
Tips | 4 min read
How public-private partnerships can support election security
Election security measures (or lack thereof) are making headlines. How can private sector orgs contribute to public sector security? Our CISO Bruce Potter’s got some ideas.
Tips | 9 min read
12 revealing questions to ask when evaluating an MSSP or MDR vendor
We’ve heard lots of interesting Qs as prospective customers evaluate which solution's right for them... here are the 12 you should be asking.
Security operations | 4 min read
How to start a cybersecurity program (or restart one that lapsed)
If you're left holding the hot potato of a legacy lackluster security program, or are suddenly forced to protect your org and its data with less, here are a few quick steps to take to get cybersecurity efforts back on track.
Security operations | 3 min read
Three tips for getting started with cloud application security
If you're feeling like your SaaS security knowledge is a bit cloudy, these three pro tips will get you started on the right path.
Security operations | 5 min read
Reaching (all the way to) your NIST 800-171 compliance goals
Close common compliance gaps, without building a SOC, for NIST 800-171 security requirements. And a bit about how we can help.
Tips | 6 min read
How to get the most out of your upcoming SOC tour: making your provider uncomfortable
If you’re in the market for an MSSP or looking to keep tabs on your existing provider, visiting their security operations center (SOC) can be a good way to get a sense for what you’re really buying. Let us walk you through how to prepare for your visit to get the most out of your visit.
Security operations | 7 min read
Getting a grip on your cloud security strategy
Understanding how to think about cloud security differently is half the battle. At Expel, we've thought a lot about it, and we’ve identified three key points that should inform your cloud strategy.
Security operations | 12 min read
A common sense approach for assessing third-party risk
Let us walk you through our third-party assessment process. We think it's lightweight but still achieves the objective - determining if a vendor can be trusted. And, as a bonus, we're providing the third-party questionnaire and emails we use so you can download it and get going right away.
Security operations | 4 min read
What’s new in the NIST Cybersecurity Framework (CSF) v1.1
In case doing a “stare-and-compare” of the original and updated NIST frameworks isn’t your idea of fun, I’ve highlighted three important changes here.
Security operations | 3 min read
Decoded: new changes to NIST’s Cybersecurity Framework
NIST has polished up their Cybersecurity Framework. Our CISO, Bruce Potter, highlights three of the most significant (and practical) changes.
Security operations | 4 min read
Budget planning: determining your security spend
Guidance and a short list of things you can do to help you answer the common question "how much should I spend on cybersecurity?" (5 min read)
Tips | 5 min read
A cheat sheet for managing your next security incident
Tactical advice on how to survive a security incident when you don’t have an incident response plan. (6 min read)