Engineering · 2 MIN READ · PATRICK DUFFY · SEP 12, 2023 · TAGS: Tech tools
Part of a strong security posture is having a full view of what’s going on across your tech environments. One of the great things about Expel Workbench™ is the visibility you get thorough real-time alerts and intuitive reporting. Our new Event Search feature takes that transparency one step further.
What it does
We thrive on taking work off your plate so you don’t have to worry about events unless we escalate them to you. Because of this, Expel Workbench and our security analysts do a lot of work behind the scenes you don’t always need to see. However, you might want to see it. This is where you can use Event Search.
Event Search answers the question, “Did Expel see that alert?” It allows you to fully understand our detection strategy and how we handle all events, even ones that don’t rise to the level of an alert. You can now go into Workbench and find this information quickly and easily, without needing to ask the Expel team for more information.
How it works
You can search by hostname, username, IP address, phrase, and file hash. Expel Workbench searches these standardized fields in its evidence database for matches and returns events where those parameters are present, telling you why they were or weren’t surfaced as alerts (plus other important details).
You can also select the time period you’d like to search. You can look at the past 24 hours, seven days, 14 days, or any custom time period within the last 14 days.
Event Search affords great visibility into what security events are happening across your technology, but we also want to tell you about another cool thing we’ve added.
The closest we can get to a crystal ball
We often get questions from users on what’s next for Expel Workbench. Are there new reporting or measurement capabilities coming? When is the next big release?” Is there anything that has been recently released I could be using to improve my security?” All fair questions. We understand you like to know what’s on the horizon—it helps you plan and can help inform your future security strategies.
That’s why we’ve added a product roadmap to Expel Workbench. Now you can view our plans on what new features and improvements we’re actively working on and will be coming soon. And we take it a step further: this new feature lets you provide feedback on the roadmap by telling us how important each roadmap item is to you.
So not only do you get a glimpse into the future, you can give us your feedback, as well. We’re pretty jazzed about having an integrated and secure way of sharing our plans with users.
Check out these two new features now and be sure to leave some feedback on the roadmap.