AnnouncementCase StudyData Sheetposts
skip to Main Content

A space for

(content curated by our tribe for yours)

Ready. Set. Go!

(for Expel customers only)

We’ve got you covered when you need to get Expel access but don’t want to dig through bookmarks and notes.


Get to work

Login to Expel Workbench to review your morning coffee report and check assigned actions


Reach out

Have more questions than answers, or just want to chat, then email or call 844.397.5762


View system status

Check Workbench system health, uptime and keep an eye on scheduled upgrades and maintenance

What’s happening?

Release notes

Apr 24, 2018

It may not have as much action and adventure as this year’s leading box-office movie, Black Panther, but our new Workbench tips and tricks videos take less than three minutes of your time. Next time you log into Workbench you’ll see a new alert view - the alert grid. We’ve created two videos to help explain how to find an alert and the features and functionality of the new view. To check out the alert grid videos and learn about the other features in this release, read more.

Apr 10, 2018

While it’s fun to play detective to solve a mystery, it’s also time-consuming -- we’ve made some updates to make it is easier for you to see what took place and when in Workbench. The investigation and security incident page now includes who closed the investigation or incident and when it was closed. We’ve also made it easier to check the status of Workbench features. 

Mar 27, 2018

We’ve made multiple fixes to Workbench to keep it clean and tidy - like closing all alerts associated with an investigation when the investigation is marked closed. We’ve also made it easier for you to sort and filter through your alerts with the addition of a comma-separated (CSV) file export. Read more to learn about the tidying up we did with password reset and all the other updates.

Mar 13, 2018

If your idea of a good notification is an email in your inbox then this one’s for you!  We’ve added two new email lists that you can subscribe to. One tells you when actions are assigned to your organization while the other updates you about security device health. Update the notifications settings in your profile to start receiving these notices. We’ve also made some other enhancements that’ll make it easier to tell when investigations occurred.

Feb 27, 2018

We’ve made several small changes to the way you update the status of an investigation or incident to make it easier to use. Now you don’t have to make that agonizing choice between Closed and Resolved at the end of an incident. We removed Resolved because it was not being used. We also added an Unknown option to all the dropdowns (except for Attack timing) for those times when the investigation findings are still unclear. Read on to learn more about it plus other enhancements that’ll simplify your workflow.

Feb 13, 2018

No, we are not talking about the confusion around OAR at this years Olympics. (Psst: It’s not a new country, it stands for Olympic athletes of Russia.) We are referring to unusual remote desktop protocol (RDP) connections that our analysts are keeping an eye out for when they hunt in your environment. Attackers use this technique to move latterly, and we’ve added it to the list of techniques we look for while hunting in your environment. Not familiar with our hunting service? Reach out to your engagement manager for more details.

Jan 29, 2018

For those times when security is top of mind… even when you’re on vacation (it’s okay, we do it too!) You’ll be happy to know that we’ve turned off IP whitelisting so you can log into Workbench even when you are not in the office. You can also sleep a bit easier knowing that you can change your own password. Bonus - the password can be 255 characters. We also fixed a few thing that previously might have made you do a double take - don’t worry the alert is closed and the actions are complete.

More release notes

Knowledge gains

Articles and announcements


Expel service guide

Your “owner’s manual” and reference guide for getting started and using the Expel Workbench.

Get it >


Getting started with Expel

A step-by-step overview of how to get your security products connected to Expel and login to the Expel Workbench.

Get it >


Report a vulnerability

If you’d like to report a problem with any of Expel’s services or websites, please contact If you’d like, feel free to use our PGP key.

Contact us
Back To Top