Terraforming a better engineering experience with Atlantis
To build something useful you must first understand your users. Find out how Expel used Terraform and Atlantis to build a platform that makes self-service provisioning in cloud infrastructure easy.
Behind the scenes in the Expel SOC: Alert-to-fix in AWS
Wonder what real-life investigation and response looks like in the cloud? Buckle up! Our team walks you through a coin-mining attack in AWS that they recently foiled – all the way from alert to fix.
So you’ve got a multi-cloud strategy; here’s how to navigate four common security challenges
Switching to a multi-cloud solution? Easy! Just kidding. Expel’s senior detection & response engineer shares some things you need to think about when going multi-cloud – and how to stay sane.
Why the cloud is probably more secure than your on-prem environment
Is your data really safer in the server room next door? Probably not. Here are five reasons why the cloud offers better security than your on-prem environment.
Where does Amazon Detective fit in your AWS security landscape?
If you’re running workloads on AWS, then you’ll want to know all about the latest and greatest AWS-native security tools. We’ve got you covered in our latest post.
Making sense of Amazon GuardDuty alerts
If you’re running workloads on AWS, then you’d better be running GuardDuty. But what is it and how can you make sense of all the signals? Here are our pro tips.
Following the CloudTrail: Generating strong AWS security signals with Sumo Logic
Looking to get more or better security signals out of AWS? Then you’ll wanna read our pro tips on making the most of Amazon CloudTrail.
Here’s what you need to know about business email compromise (BEC)
How often does a business email compromise actually happen? And what should you do about it? Our infographic answers those questions and more.
This is how you should be thinking about cloud security
Your IT team isn’t racking and stacking servers like they used to, but cracking the cloud security code is easier than you think. Get our pro tips for doing just that.
Four common infosec legal risks and how to mitigate them
There are four missteps we see happen often that open fast-growing companies up to unnecessary legal risks -- here’s how to course correct.
How to build a useful (and entertaining) threat emulation exercise for AWS
Want to test your analysts’ detection skills in the cloud? Here are our tips and tricks for building your own threat emulation exercise in AWS.
How public-private partnerships can support election security
Election security measures (or lack thereof) are making headlines. How can private sector orgs contribute to public sector security? Our CISO Bruce Potter’s got some ideas.
How to find Amazon S3 bucket misconfigurations and fix them ASAP
Why do Amazon S3 bucket breaches happen and how can you protect your own org from making this mistake? We’ve got all the AWS pro tips for you in our latest post.
Seven ways to spot a business email compromise in Office 365
As attackers behind BEC attacks find ever more clever tactics to use, it’s getting trickier for businesses to protect themselves. But here are some telltale signs you can look for that are tip-offs that something’s amiss.
Three tips for getting started with cloud application security
If you're feeling like your SaaS security knowledge is a bit cloudy, these three pro tips will get you started on the right path.
Office 365 security best practices: five things to do right now to keep attackers out
Figuring out how to protect your SaaS infrastructure like Office 365 -- especially if you’re newer to cloud -- can feel overwhelming. So here are five Office 365 security best practices to check out right now.
Getting a grip on your cloud security strategy
Understanding how to think about cloud security differently is half the battle. We've thought a lot about it, and we’ve identified three key points that should inform your cloud strategy.