RSA CONFERENCE, SAN FRANCISCO, May 6, 2024 — Expel today announced new MDR offerings to meet the varied needs of modern organizations, no matter where they are on their maturity journey. The expanded offerings deliver more flexible ways to adopt Expel technology and services, better addressing its growing partner and customer base’s unique use cases and security needs.
The new, flexible offerings make it easier for more organizations to incorporate Expel’s award-winning MDR services into their security strategies, by meeting their current requirements and budgets while also providing the ability to scale over time.
“Expel MDR has never been a one-size-fits-all solution, and with these new offerings, we’re meeting more organizations where their security programs and needs are right now—whether they’re early in their journey and don’t have much experience with MDR, or are further along and are considering more advanced use cases and applications,” said Yonni Shelmerdine, Chief Product Officer, Expel. “We’re committed to ensuring that more organizations are able to experience our best-in-class MDR services and solutions in the face of growing cyber threats, complex security stacks, and a crowded MDR marketplace.”
Current Expel MDR customers will not experience any changes to their existing service at this time. They will be migrated to these new, more flexible offerings upon contract renewal starting in 2025. Customers can contact their account team with any questions in the meantime.
IDC recently named Expel a Leader in the 2024 IDC MarketScape for Worldwide Emerging Managed Detection and Response (MDR) Services. In its report, IDC urged organizations of all sizes, with or without established SOC operations, to consider Expel MDR when looking to outsource threat management.
Expel also announced that it’s expanding its automated remediation capabilities across both endpoint and cloud environments. These new response actions reduce the amount of time organizations are at risk from an attack, reducing mean-time-to-remediate (MTTR) and mean-time-to-contain (MTTC). They also help combat the widespread usage and growth of identity-based attacks, which accounted for 61% of all incidents our security operations center (SOC) identified in Q1 2024. The expanded capabilities include the ability to:
- Remove harmful files and registry keys
- Reset compromised cloud and Azure Active Directory credentials
- Disable compromised cloud keys
The new response capabilities are facilitated through existing automation and AI tools in Expel Workbench, including Ruxie, which facilitates communications between customers and Expel’s security operations center (SOC) team during incidents and in verifying actions. Expel customers can configure their accounts for these new automated response actions in Workbench. Once configured, the Expel SOC team remediates on their behalf whenever an attack is detected in the customer’s environment.
Expel is also expanding support for industry-leading security information and event management (SIEM) solutions with added reporting for Splunk Enterprise Security and Microsoft Sentinel. This added reporting provides customers with evaluations of their SIEM rules configurations to determine supportability and guide customers on which rules to implement to make their environments more secure. And Expel is broadening detection coverage for out-of-the-box rules for CrowdStrike Falcon Logscale and Splunk Enterprise Core.
Finally, Expel is also expanding coverage of its Expel Vulnerability Prioritization service with a new integration for Qualys VMDR. Customers can now integrate their Qualys vulnerability information into Expel Workbench for fast analysis and prioritization of their highest-risk vulnerabilities.
To learn more about Expel’s new MDR offerings, automations, and expanded SIEM support, visit the Expel booth in the South Hall (#0535) at RSA Conference 2024, or book a demo.