and Response services
Coverage from the cloud to your own network and endpoints
“BYO-tech” managed detection and response
(get the most outta what ya got)
We plug into the cloud services and security tech you already own. We’ll tell you 24x7 when there’s something you need to care about, why and what you need to do to make sure your secrets stay secret.
Managed detection and response (MDR) is managed security that gives you what MSSPs promised … but never delivered
| Proactive threat hunting | We go find the attacks your products don’t alert on and which only a human can find |
| Expel detection rules | High fidelity alerts from Expel-curated rules based on simulated and real-life attacks |
| XDR alert analysis | API-integration to your cloud services, EDR, network and SIEM tools let us investigate as if we are in your office |
| Alert triage by Josie™ | Our bot, Josie, evaluates each alert and weeds out false positives so our human analysts focus on alerts that require judgement |
| Alert enrichment with benchmarks | We add details about IPs, hashes and domains and tell you how often each alert leads to an incident |
| Alert signal visibility | See which cloud instances and security tech generate the highest-quality alerts and investigative data |
| Incident validation and notification | One click gets you detailed analysis including answers to what happened, where, when, why and how |
| Ruxie™ investigative bot | Our bot, Ruxie, automates investigative steps so our human analysts get the info they need before they ask for it |
| Remote response | Our analysts investigate and give you detailed reports (written in plain English!) with clear actions |
| Containment and remediation actions | We go as far as you want … from telling you what to do … to pushing the button to contain threats |
| Alert-to-fix timeline | See how long it takes our analysts to go from initial alert to remediation (and each step along the way) |
| Threat-specific reporting | See attack diagrams, maps and timelines specific to threats like commodity malware and BEC |
| Resilience recommendations | We’ll give you detailed guidance on how to improve and get at the root cause of repeated incidents |

How we work

| See what our analysts see | We like company, so you get to share the same view as our analysts via the Expel Workbench™ |
| “BYO-tech” approach | We’ll use the security tools you already invested in, not make you buy ours (and we don’t sell tools) |
| Slack comms with our SOC | Talk live with our analysts any time via a dedicated Slack channel |
| Metrics to support ROI | We show you what we’re doing as we do it, and calculate metrics so you can hold us accountable |
| API for custom reporting | If you can click on it in our user interface you can automate it with our API and your own code |
| Security device monitoring | While we don’t patch and upgrade your tools, we make sure they’re configured right … and stay that way |
| Easy to turn on (and off) | We don’t take hostages. If we’re not meeting your needs it’s as simple to turn us off as it is to turn on |
MDR services give security teams the ability to find, investigate and remove attackers from the environment long before traditional security tools’ alarm bells ring.
— Forrester Research, Inc., “Now Tech: Managed Detection And Response (MDR) Services, Q2 2018,” April 26, 2018.