AnnouncementCase StudyCheckmarkcustomer-story-iconData Sheethow-to-logoposts
skip to Main Content

An irreverent crew focused on helping our customers love security, rebelling against the status quo and getting $#*! done

Expel employees
BYO tech integrations
Net Promoter Score

How we got started

(not in a garage… but in a barn)

It was a tweet. ¯\_(ツ)_/¯ Seriously, when co-founders Dave Merkel, Yanek Korff and Justin Bajko saw @rickhholland tweet back in late 2015 that MSSP customers had endured “the customer service equiv. of taxi drivers” they saw an opportunity.

What we found

(alerts without any good answers)

Digging deeper, we saw three big problems that were dragging the security industry down.

  • Too many confusing security products delivering reams of alerts
  • Not enough security talent to prioritize the alerts and effectively manage the risk
  • MSSPs who had failed to deliver on their promises

And there were no good solutions. Some companies were looking at managed detection and response (MDR) providers – but MDRs added a new expense without replacing MSSPs. Most customers were suffering in silence with no alternative.

“I think the MSSP market is ripe for disruption. Many have had the customer service equiv of taxi drivers, customers aren’t happy.”

Rick Holland @rickhholland

Our vision

(it’s a bit unorthodox but we DO believe that you can love security)

Remember how IT used to run wires and rack servers? Thanks to cloud computing and web services they don’t do that anymore.

But if you’re in security you still spend the majority of your time in the weeds massaging alerts and operating products. Or worse, you can’t afford (or find) the people and technology to even do that.

We want to flip that equation and create space for you to do what you love about security (even if that’s thinking about it as littleas possible).

Our approach

(so radical we had to talk ourselves into it)

We think our approach is pretty unique. It starts with transparency. We’re busting up the proprietary black-box approach that MSSPs and MDR providers take. In our hold-your-cards-close-to-your-chest industry that’s the radical part.

Here’s what we do…

  1. We use the security products you’ve already bought
  2. Our analysts investigate alerts and monitor your environment
  3. When we find a problem we tell you exactly what to do about it
  4. We also tell you how to fix the root cause of problems that happen over and over

…that’s it!

Transparency means that you can look behind the curtain while we’re doing ^this^ and see anything (or everything) our analysts are doing for you 24x7 while they’re doing it. Heck, we’ve even built it so you can even jump in and work collaboratively with our analysts if you want. Either way, we’ll give you answers to these questions (not more alerts).

What’s happening in my environment

What do I need to care about and why?

How do I resolve this incident?

How can I become more resilient?


Leadership team

(growing so quick we can’t keep up with the pic)

For real, while we line up a photoshoot and build the web bios …
We’ve got new buzz-worthy additions to the team, VP and General Counsel Peter Katz, Chief Technology Officer Pete Silberman, and Chief Financial Officer Maria Izurieta.

Dave Merkel

Chief Executive Officer

Dave Merkel (aka “Merk”) is the co-founder of Expel as well as the company’s chief executive officer. He’s ultimately responsible for everything and has been frequently mistaken for Willy Wonka.

Dave has been involved in the information security field for nearly 20 years, first as a federal agent pursuing cyber criminals in the era of floppy disks and 2400 baud modems, then as chief technology officer (CTO) and vice president of products at Mandiant. Following FireEye’s acquisition of Mandiant, Dave served as the global CTO of FireEye.

Before Dave’s 10 years as a solutions provider he spent another decade as a security practitioner. He got his start as a special agent in the Air Force Office of Special Investigations, pursuing cyber criminals and conducting digital forensic investigations, and later as head of AOL’s technical security organization. While at AOL, he created and ran the first incident response capability for AOL and Time Warner, managed software security and policy programs, and built technologies for AOL’s security infrastructure.

He is frequently invited to comment on security-related headlines, and has been featured in news outlets like Bloomberg, The Washington Post and Forbes. Dave was also named to Washingtonian’s Tech Titans list in 2018 and 2015.

Yanek Korff

Chief Operating Officer

Yanek Korff is a co-founder of Expel as well as the company’s chief operating officer (COO). In addition to paying the bills and counting beans, Yanek makes it easy for employees to stay focused on serving our customers.

Yanek has worked in IT and information security roles for nearly 20 years beginning as a student help desk technician in a musty basement at the College of William and Mary.

Prior to Expel, Yanek was the vice president of Mandiant’s managed services business which helped customers mitigate the consequences of security breaches. Yanek established and  grew the service to become one of the first follow-the-sun managed detection and response (MDR) providers, accounting for over 30 percent of Mandiant’s revenue. Following Mandiant’s acquisition by FireEye, Yanek served as CTO of FireEye as a Service, FireEye’s managed services offering.

Prior to Mandiant, Yanek was responsible for the majority of AOL’s security infrastructure including authentication, authorization management, public key infrastructure (PKI) and systems that supported incident response, e-discovery and investigations.

Yanek has a B.S. in Computer Science from the College of William and Mary, and an M.S. in the Management of IT from the McIntire School of Commerce at the University of Virginia. He was the principal author for “Mastering FreeBSD” and “OpenBSD Security”, published by O’Reilly.

Matt Peters

Chief Product Officer

Matt Peters is our chief product officer (CPO). As CPO, Matt focuses on robust dialogue, encouragement of his team as they grow their own careers, and the relationships between all aspects of the business.

He comes to the company with 20 years of experience in the tech world. Before joining Expel, Matt was vice president of worldwide operations at FireEye for the managed services offering, FireEye as a Service.

Before FireEye, Matt was the director of technical operations at Mandiant for Mandiant Managed Defense, one of the first managed detection and response (MDR) services.  He was responsible for the design and delivery of the application platform that powered analyst detection and investigation.

Before getting into the managed services space, Matt worked at a number of Silicon Valley computer networking technology startups before joining Check Point Software where he led the security analytics group, which applied machine learning and data science to network and firewall data.

Matt has a B.S. in computer engineering from the University of Kansas.

Bruce Potter

Chief Information Security Officer

Bruce Potter is our chief information security officer (CISO). He’s responsible for cyber risk management and ensuring the secure operations of Expel’s services.

Previously, Bruce co-founded Ponte Technologies, a cybersecurity research and engineering company that worked with organizations ranging from hedge funds to intelligence agencies. Bruce sold Ponte Technologies to the KeyW Corporation where he served as CTO for two years. In 2016, Bruce served as the senior technical advisor to the members of President Obama’s Commission on Enhancing National Cyber Security.

Bruce also founded the Shmoo Group in 1996 and helps run the popular annual hacker conference, ShmooCon, in Washington, DC. Bruce has co-authored several books and written numerous articles on security (or the lack thereof). He regularly speaks at industry conferences including DefCon, Blackhat, and O’Reilly Security, as well as at private events hosted by the United States Military Academy, the Library of Congress, the National Security Agency and other government agencies.

Michael Evans

Chief Marketing Officer

Michael Evans is our chief marketing officer (CMO). He’s responsible for explaining what Expel does and finding more companies that we can help. He also manages our official list of banned security marketing buzzwords.

Michael has been marketing enterprise software and services to big and small companies for more than 20 years. Previously, Michael was CMO at Fidelis Cybersecurity. Before that, Michael led marketing at Mandiant where he established the company as one of the most respected security brands in the industry. Following Mandiant’s acquisition by FireEye, Michael served as vice president of marketing at FireEye. Before entering the security world Michael worked at both venture-backed and publicly traded companies marketing software to everyone from internal auditors, chemical engineers, CFOs and supply chain managers to ERP admins.

Michael has a B.A. in Economics and Classics from Brown University and a MBA from the Wharton School at the University of Pennsylvania.

Denise Hayman

Denise Hayman

Chief Revenue Officer

Denise Hayman is our Chief Revenue Officer. If you’re looking to learn more about Expel, chances are that you’ll be talking to her or someone on her team. She’s also passionate about making sure that your experience is better than it was for any other security product you’ve bought.

She comes to Expel with more than 25 years experience seeing security (and sales) done right, wrong and every shade in between. Prior to Expel, she was vice president of global security sales at Neustar where she built out a sales team that helped customers protect themselves from the evils of DDOS and IP attacks.

Denise got her start in sales at Symantec. Over her career she returned to the endpoint behemoth twice as it gobbled up two of the companies where she went on to head up sales: Vontu, a pioneer in data loss prevention (DLP) and disc encryption vendor PGP.

She’s also built and led sales teams at Tripwire, Cyphort, and Vendavo. She likes to say she was trained at Symantec and then followed the data (and attackers) as they used the internet (and now cloud apps and infrastructure) to compromise organizations in creative new ways.

Denise is passionate about building diverse sales teams (including women) which know that honesty, transparency and “doing the right thing” for customers isn’t just good business … it’s essential to their own reputation.

She’s working hard to get more women in sales and wants women everywhere to know that you can build a successful sales culture without having the uncomfortable sameness that exists without diversity.

She has a B.A. from Boston College.

Maria Izurieta

Chief Financial Officer

Justin Bajko

VP Strategy and Business Development

Justin Bajko is a co-founder of Expel as well as our VP of Strategy and Business Development. It’s Justin’s job to stay close to our customers and partners and make sure that we’re heading in the right direction. He also spends a good bit of his free time fretting about the University of Tennessee’s football program.

Justin has been involved in information security and managed services since just after the turn of the century. Prior to Expel, he was senior director of global service delivery for FireEye’s managed service, FireEye as a Service. Justin was responsible for building and managing FireEye’s security operations centers (SOCs) around the world, including a staff of more than 80 analysts.

Prior to FireEye, Justin was the managing director for Mandiant’s Managed Defense service, one of the industry’s first managed detection and response (MDR) providers. Before that, Justin worked at Symantec where he worked in a number of roles within their managed services business ranging from SOC engineer to senior manager of the global threat response team where he was responsible for detection capabilities, intelligence integration, and customer data ingestion for Symantec’s MSSP customers worldwide.

Justin hails from northeast Tennessee. In his free time he enjoys anything to do with cars (spending an inordinate amount of time making sure his are always clean) or boats, traveling, and playing an embarrassing amount of video games.

Pete Silberman

Chief Technology Officer

Peter Silberman is the chief technology officer (CTO) at Expel. Peter splits his time between ensuring Expel has a robust detection and response strategy for all its technical partners/integrations and making sure that Expel is pushing the envelope with new ways to improve analyst experience and efficiency. He works to achieve this while also driving new service capabilities built on top of those integrations. Expel’s exceptional team of engineers get to do all the code writing (the fun stuff!). He gets to write docs and draw pictures for others (the
not-as-fun-as-coding-but-necessary stuff).

Before joining Expel, Peter was the senior director of Innovation and Customer Engineering (ICE) at FireEye. He helped create what’s now known as the FireEye Data Science Group. He worked to deliver new capabilities impacting all aspects of the company’s product portfolio. This includes building technologies to automate various tasks faced by responders, reverse engineers and SOC analysts. Peter spent some of his focus researching memory forensics, finding new artifacts that could be used for detection and response.

Peter often presents his original research at industry conferences including CanSecWest, DefCon, HITB, Black Hat and RSA. He continues to focus on discovering new and efficient ways to automate the repetitive tasks that machines do better than humans, so that humans focus on what they do best – making judgement calls and building relationships that improve customers’ experience.

Amy Rossi

Amy Rossi

Vice President, Employee Experience

Amy Rossi is our vice president of employee experience. She’s leading the charge to make Expel a place where everyone wants to work. That includes how we hire, develop, and take care of our team.

While in college, Amy created her first leadership development program for a summer camp in New York and she has been building people development programs ever since. She comes to Expel with more than 15 years experience in human resources, talent management, and learning and development.

Prior to joining Expel, Amy was vice president of talent management at MicroStrategy. Before that, she served in human resources and talent management roles at AOL, comScore, Network Solutions and CareerBuilder. She has built talent management functions from the ground up twice and some of her best work has involved developing managers and leaders.

Amy graduated from Cal Poly, San Luis Obispo with a B.S. in Recreation Administration and a Minor in Dance and has completed coursework in adult education at George Mason University.

Peter Katz

Vice President and General Counsel

Peter Katz joined Expel in 2020 as our Vice President and General Counsel. He’s building our in-house legal team from the ground up. We like that he’s not only bringing his more than 15 years of experience as an attorney to Expel, but also his great sense of humor. (Kind of a requirement here).

Before joining Expel, Peter was Vice President and General Counsel of Duo Security. During his time as an executive at Duo, he built and led the legal department, serving as a trusted advisor to the management team and Board of Directors. In 2018, his legal strategy was integral during the Cisco acquisition of Duo Security for $2.35 billion.

Prior to Duo Security, Peter was Director and Senior Legal Counsel of AlixPartners, a global consulting firm. He also served as Associate Counsel of Vanguard, one of the world’s largest investment management firms. And before all that, Peter was an Associate in the Corporate & Securities practice at Pepper Hamilton, based in the Philadelphia office.

Peter has a J.D. from the University of Pennsylvania Law School and a B.S. in finance from the University of Florida.

Azure guidebook: Building a detection and response strategy

If you’re new to Microsoft Azure – or you want to pour some “Go Fast” on the process of setting up your security monitoring in this popular cloud platform – we’ve got your back.
Learn more >

Expel overview

Check out this brochure to learn what we do (transparent managed security) and what you get from Expel and our team of analysts
Learn more >

MITRE ATT&CK in AWS: A defender’s cheat sheet & mind map kit

With our new cheat sheet, you can quickly identify the paths an attacker might take – all mapped to ATT&CK tactics – once they’ve broken into your AWS environment.
Learn more >
Back To Top