
Terraforming a better engineering experience with Atlantis
To build something useful you must first understand your users. Find out how Expel used Terraform and Atlantis to build a platform that makes self-service provisioning in cloud infrastructure easy.

So you’ve got a multi-cloud strategy; here’s how to navigate four common security challenges
Switching to a multi-cloud solution? Easy! Just kidding. Expel’s senior detection & response engineer shares some things you need to think about when going multi-cloud – and how to stay sane.

Introducing 24x7 monitoring and response for Google Cloud Platform
Running a Google Cloud Platform (GCP) workload or thinking about integrating it into your security portfolio? Expel can help! We’ve officially launched our GCP 24x7 monitoring and response services.

How to create and maintain Jupyter threat hunting notebooks
We got a lot of questions about configuring Jupyter notebooks after presenting at Infosec Jupyterthon 2020. See our response along with some tips for incorporating this tech into infosec processes.

Creating data-driven detections with DataDog and JupyterHub
Creating alert thresholds is critical to *not* driving your SOC analysts batty, but what’s the “right” number? Here are some tips, tricks and favorite tools we use to determine alert thresholds for customer environments.

Exabeam: an incident investigator’s cheat code
We love EDR tools too, but here are our best tips and tricks for combining EDR data with other (equally) important security signals.

Where does Amazon Detective fit in your AWS security landscape?
If you’re running workloads on AWS, then you’ll want to know all about the latest and greatest AWS-native security tools. We’ve got you covered in our latest post.

Using JupyterHub for threat hunting? Then you should know these 8 tricks.
Jupyter Notebook gave us the freedom to rethink the way we analyzed hunting data. Here are some tips and tricks you can use in your own analysis.

How to choose the right security tech for threat hunting
How do you decide which tech to use to carry out your hunt? This post’s got some pro tips for when and how to use different technology for your threat hunting mission.

How to get your security tool chest in order when you’re growing like crazy
Need to expand your security tool chest? Our CISO’s got some tips to consider when thinking about what tech to keep or buy.

Does your MSSP or MDR provider know how to manage your signals?
How well is your MSSP or MDR going to manage your fleet of security signals over time? Here’s how to figure out whether they’re up for the challenge.

Five tips for improving your data ingestion and auditing process
You’re processing loads of data every day...but are you catching it all? Here are tips from our pros for rocking your data auditing.

12 ways to tell if your managed security provider won’t suck next year
How can you figure out if the quality of the service you’re about to sign up for will improve over time? Our COO Yanek Korff’s got some tips for making sure you choose a service that’ll last.

How to find Amazon S3 bucket misconfigurations and fix them ASAP
Why do Amazon S3 bucket breaches happen and how can you protect your own org from making this mistake? We’ve got all the AWS pro tips for you in our latest post.

Evaluating GreyNoise: what you need to know and how it can help you
We use technologies behind the scenes to make Expel Workbench and our analysts more efficient. GreyNoise is one of those -- here's how we use it and why you might find it useful too.

12 revealing questions to ask when evaluating an MSSP or MDR vendor
We’ve heard lots of interesting Qs as prospective customers evaluate which solution's right for them... here are the 12 you should be asking.

Investigating Darktrace alerts for lateral movement
Dive into a typical investigation and see how our analysts triage a Darktrace alert. Plus! We share some of our favorite Darktrace features.

How to identify when you’ve lost control of your SIEM (and how to rein it back in)
See if these four telltale warning signs get your head nodding. If so, learn how to get started on regaining control.

Managed detection and response (MDR): symptom or solution?
An uncommonly clear review of what managed detection and response (MDR) is, where it came from and what it can/can't do for you.

What’s endpoint detection and response (EDR) and when should you care?
We cut through the hype to explain what EDR products can do for you.

Get your security tools in order: seven tactics you should know
Do you have the equipment and material needed to get your work right? Here are seven things to keep in mind to bring harmony to your toolchain. Part 1 of the “keep your security nerds happy” series.