Our SOC stopped a ransomware attack that compromised WordPress CMS to trigger a drive-by RAT download. Find out what happened, how we caught it, and our recommendations to secure your WordPress CMS.
Expel recently integrated Microsoft Defender for Endpoint into our platform and we gotta say, we’re impressed! Our SOC analysts share why they love it and show us how they use it to triage alerts.
Think you can get a co-managed SIEM and then step away to let the magic happen? Not so fast. Our CISO shares some common myths and the realities you should consider before making a decision.
Wonder what real-life investigation and response looks like in the cloud? Buckle up! Our team walks you through a coin-mining attack in AWS that they recently foiled – all the way from alert to fix.
Attackers love to look to PowerShell to enact their evil plans. Expel’s senior data scientist tells us how she used machine learning to help analysts spot malicious activity in PowerShell quickly.
Red team engagements are essential to helping your SOC analysts stay battle ready. But before screaming, “CHARGE,” here are six things you should do to prepare for taking on a red team.
Switching to a multi-cloud solution? Easy! Just kidding. Expel’s senior detection & response engineer shares some things you need to think about when going multi-cloud – and how to stay sane.
Running a Google Cloud Platform (GCP) workload or thinking about integrating it into your security portfolio? Expel can help! We’ve officially launched our GCP 24x7 monitoring and response services.
We got a lot of questions about configuring Jupyter notebooks after presenting at Infosec Jupyterthon 2020. See our response along with some tips for incorporating this tech into infosec processes.
Find out how our SOC analysts used automation to reduce the time it takes to investigate and report a suspicious login by 75%. The team outlines the process and shares a case study of it in action.
During a recent red team engagement, the CrowdStrike EDR Platform alerted our SOC team on the execution of a suspicious VBScript file. This is what they learned from untangling the malware code.
Over the weekend, Expel’s analysts discovered a new way attackers are using Zoom to compromise users’ security. Here’s what they learned and what you can do to avoid getting duped.
Security ops is a team sport … but how do you “play” together when your company’s working 100% remotely? Jon’s got some advice.
Wondering what it takes to build an effective SOC full of motivated, happy analysts? We’ve got some thoughts on that.
There are a few cybersecurity fundamentals that keep us safe … but how do you get the people in your org to adopt them? Our COO Yanek Korff’s got some ideas.
If you use or are considering trying JupyterHub, it’s your lucky day -- we’re sharing configuration tips and tricks, how we’re using it to make technical research easier, and much more.
An uncommonly clear review of what managed detection and response (MDR) is, where it came from and what it can/can't do for you.