Case studies · Cole Finch
Sisense’s security team was stretched thin managing security operations around the clock. Like many fast-growing companies, they needed 24/7 threat detection without adding headcount—but most solutions just created more work. That changed when they partnered with Expel, discovering how a cloud-native managed detection and response (MDR) platform could transform their operations.
Featuring:
- Sangram Das, VP of IT and CISO, Sisense
Additional resources
- Explore Expel’s MDR services
- See how Expel’s Workbench platform works
- Learn about Expel’s cloud security solutions
- Read more Expel customer stories
- Download Expel’s Annual Threat Report
About Sisense
Sisense is a data analytics and data orchestration platform that helps customers build smarter, AI-powered creative workflows. As a cloud-native company handling business-critical data for customers across industries, maintaining a strong security posture is foundational to what Sisense does—and to the trust their customers place in them.
Sangram Das, VP of IT and CISO at Sisense, leads the security function with a mandate to protect the business without slowing it down. When it came to security operations, he needed a partner who could provide continuous expert coverage—without creating net-new work for a lean team.
The challenge: Finding a partner that doesn’t add to the pile
For Sangram, the search for an MDR solution came down to three clear requirements: cloud-native capabilities, simple and easy integration, and—critically—a partner that would reduce his team’s workload rather than increase it.
Sangram Das: I wanted a partner who is cloud-native, that’s number one, and number two, doesn’t create more work for us. And simple and easy integration.
This last point is often overlooked in MDR evaluations. Many security solutions promise protection but deliver operational complexity—more dashboards to monitor, more alerts to triage, more time spent managing the tool rather than acting on it. For a lean security team, that tradeoff isn’t acceptable.
What Expel delivered: Clarity, coverage, and confidence
From day one, Expel delivered something Sangram hadn’t found with other vendors: genuine clarity about what mattered and why.
Sangram Das: What Expel has done is simplified the game in terms of connecting to various log sources or alert sources and essentially built the detection on top of that. So having a partner who is watching the console and the alerts and the insights and responding faster is key.
Rather than leaving Sisense’s team to sift through raw signal across disconnected log sources, Expel handled the integration, built the detection logic, and surfaced only what required attention. The result was a cleaner, more actionable view of the security environment.
Sangram Das: What Expel built is clarity in terms of what is really meaningful to us, based on a clear set of data sources. That kind of clarity is proof of value not every vendor out there is able to provide, which Expel does from day one.
A console built for security leaders—not just analysts
One of the practical advantages Sangram highlighted was how Expel’s Workbench platform is laid out. For a CISO who regularly has to explain the security posture to leadership, that matters.
Sangram Das: If you look at the console and the various ways they have classified and laid out—from a CISO standpoint, it is very simple to understand. And eventually I have to tell the story to my management.
A security tool that only makes sense to hands-on analysts creates its own kind of overhead. Expel’s Workbench is built to be legible at every level of the organization—so Sangram can understand what’s happening, communicate it upward, and stay informed without getting buried in technical detail.
The result: Less stress, more strategic focus
The most direct measure of success for Sisense is how the partnership has changed the day-to-day experience of the security team—and what they’re now able to focus on.
Sangram Das: Working with Expel, we have been fairly less stressed because we know there is somebody 24 by seven watching our console and will alert us if anything unfortunate is going on.
That peace of mind has a real operational impact. When a team isn’t constantly on alert for the next incident, they can direct their energy toward higher-value work.
Sangram Das: When you have a trusted partner to do what they do best—which is kind of give and take—30 to 40% of effort goes into SecOps. Then that same engineering effort goes into the real value-added security engineering activities.
For Sisense, redirecting 30 to 40% of their security engineering effort away from reactive operations and toward strategic initiatives represents a meaningful shift in what their team can accomplish. That’s the real return on partnering with Expel.
The bottom line
Sangram Das: I feel confident that somebody is watching and doing what they’re supposed to do.
For security leaders managing lean teams in cloud-native environments, that confidence—backed by transparent tooling, expert coverage, and clear proof of value from day one—is exactly what Expel is built to deliver.
This transcript has been edited and condensed for clarity and readability.
To learn how Expel’s managed detection and response can help your team get 24/7 expert coverage without adding headcount, schedule a demo today.
