Overview
Service Information on Expel Managed Detection and Response Services
What is Expel Managed Detection and Response Services?
Expel Managed Detection and Response Services Pricing
Overall experience with Expel Managed Detection and Response Services
“Wide Product Coverage Alongside Openness Highlighted in Ongoing Expel Collaboration”
“Expel Effectively Covers Second Shift and Weekends Security Operations”
About Company
Company Description
Expel helps companies of all shapes and sizes minimize business risk. Our technology and people work together to make sense of security signals—with your business in mind—to detect, understand, and fix issues fast. Powered by our security operations platform, Expel offers managed detection and response (MDR), remediation, phishing, vulnerability prioritization, and threat hunting. Expel Managed Detection and Response delivers 24/7 decision support. We integrate with the tech you already have—across attack surfaces—to maximize your existing tech investments. Our platform automates analysis for your vendor alerts to filter out false positives. We’ll enrich the alerts that matter with context so we can resolve them with an average alert-to-fix of 22 minutes for critical alerts.
Company Details
Do You Manage Peer Insights at Expel?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
User Sentiment About Expel Managed Detection and Response Services
Reviewer Insights for: Expel Managed Detection and Response Services
Deciding Factors: Expel Managed Detection and Response Services Vs. Market Average
Performance of Expel Managed Detection and Response Services Across Market Features
Expel Managed Detection and Response Services Likes & Dislikes
- Willingness to work together and find solutions, rather than be told what we need to do to fit their mold - Wide coverage of products: we do not have everything sent to Expel, but there is more than enough signal to create meaningful alerts for us to respond to. - Transparency: Expel is very open with how they made determinations for alerts, but also for when there were issues on their side. Those times have been very few and far between, but they are always up front with what happened and how they are changing to prevent something negative from happening in the future.
Expel works with us on our specific needs, making sure that they can consume data from all of our tools. When we have customization requests for tools, data flows, detections, or processes, they address them directly. We have had multiple meetings with their Engineers to work through specific needs/issues. They respond quickly and with their full attention.
The onboarding comes with significant detection rules so that I can be up and running very quickly. I also like the ability to add a few custom rules that tailor detection to our unique type of business. I like that I have a shared slack channel that allows me to connect to Expel and ask questions, get support or manage the environment. I love that I can give access to my upstream security tools (such as vuln management and attack surface management) and they'll log in to drive investigations further.
- Cost: some areas are too expensive for us to implement or make good use of. - Integrations: there are some integrations that either lack a good context or don't exist at all. Expel is always adding new integrations, but it's been a while since we've seen one that applies to us
I don't think that dislike is appropriate for this review. There is nothing that I dislike about Expel's service. My only nit is that they push us to use their workbench, when we have our own Enterprise tools for tracking and investigating IR Cases. That being said, their workbench is great, and would be ideal if we did not already have our own tools. We use their workbench to enrich our own tools with their investigative data.
Expel provides strong day-to-day monitoring, but its executive and board-level reporting is limited. This makes it challenging to translate operational successes into clear business outcomes. Without stronger reporting, much of the valuable work being done behind the scenes risks going unnoticed at the leadership level.
Top Expel Managed Detection and Response Services Alternatives
Peer Discussions
Expel Managed Detection and Response Services Reviews and Ratings
- CISO50M-1B USDHealthcare and BiotechReview Source
Wide Product Coverage Alongside Openness Highlighted in Ongoing Expel Collaboration
We have been with Expel for a little over 2 years now and have had a wonderful partnership. We have worked together to find solutions and workflows that enhance our overall security. - Chief Information Security Officer<50M USDMediaReview Source
Strong overall experience as a reliable partner, with executive board reporting needing more emphasis
As a CISO, I have been impressed with the scale of coverage via integrations to my infrastructure and tools. I have confidence that I have visibility to all of my critical assets, services and data. - Director, IT Security and Risk Management1B-10B USDServices (non-Government)Review Source
Expel Effectively Covers Second Shift and Weekends Security Operations
Expel does an excellent job covering our SOC when our Analysts are not working, which is the 2nd shift and weekends. They take our customization and feature requests seriously, and respond within a timely manner. Importantly, their answer is not always "yes". Sometimes they so "no" and that is OK. They know what they are capable of, and give reasonable pushback when our requests are outside of what they can offer. - IT Security & Risk Management Associate1B-10B USDReal EstateReview Source
Platform Enhances Incident Handling With Swift Detection And Clear Actionable Alerts
My overall experience has been excellent. The platform is intuitive and integrates seamlessly with our existing security stack. Expel's response times and alerts containing clear, actionable alerts have significantly contributed to the speed and ease of our incident handling and triage. - Manager, Cyber Security1B-10B USDManufacturingReview Source
Easy Onboarding and Time Savings Highlighted Amid Vendor API Limitations
Onboarding was easy, the easiest by far of any MDR. Information on alerts is easy to find. They have reduced the amount of work my team needs to do.