AnnouncementCase StudyCheckmarkcustomer-story-iconData Sheethow-to-logoposts

Pricing

(yes, these are the actual prices)

Our pricing is simple. It’s based on how many endpoints and accounts you’re trying to protect. You choose one of our three service levels and we provide service in yearly increments (or monthly for the first year if you choose). We don’t nickel and dime you with add-ons. And there’s no extra charge for us to monitor more security applications or cloud services.

Expel Night Shift
Starts at
14,400/mo
/yr*
for 1,000 or fewer endpoints
Get a quote
Our offering for those who only need coverage on nights and weekends.

Includes all standard features
Mon-Thu 6pm-9am
Fri 6pm –Mon 9am

Most Popular
Expel 24x7
Starts at
19,200/mo
/yr*
for 1,000 or fewer endpoints
Get a quote
Our most popular offering.
Expel monitors your environment around the clock.

Includes all standard features
24 hours a day
365 days a year

Expel 24x7 with Hunting
Starts at
24,000/mo
/yr*
for 1,000 or fewer endpoints
Get a quote
Add proactive threat hunting to Expel 24x7 to find attacks that evade traditional security tools.

Includes all standard features
24 x 7 x 365
plus threat hunting

Even our pricing is transparent

(if you’re from the procurement department click here)

We’re as tired as you are with the time-wasting back-and-forth that’s required to get to a “real” price for most security products. These are our actual prices. If you love a good negotiation you can check out our negotiation-friendly prices.

Tell us what you’d like us to monitor:

When we talk about endpoints, we mean laptops, workstations and servers (on-prem and in the cloud). We’re not including mobile devices or things like printers, thermostats and other things with an IP address.
When we talk about users we mean how many user accounts you have for apps like O365 and G suite. Our pricing is based on the largest number of users for an application we monitor. For example, if you have 5,000 user accounts for O365 and 3,000 user accounts for Okta, the total cost is based on 5,000 users.
When we talk about resources we‘re referring to three areas.
Compute: your servers or processors in the sky, like AWS EC2, Lambda, or Azure virtual machines
Storage: your standard disk like AWS S3, Blob storage and *SQL
Containers: how you approach scaling computer power up and down like Docker and Microservices

The size of your environment can be a moving target, so we’re building a calculator to help simplify how to add up your resources. In the meantime, contact us for pricing.

*We currently only hunt on your infrastructure

  • Expel Night Shift
    47,200
  • Expel 24x7
    62,833
  • Expel 24x7 with Hunting*
    74,583

All three options include:

  • Monitoring by Expel analysts
  • Unlimited security device monitoring
  • Alert triage performed by Expel analysts
  • Incident investigation and notification
  • Remediation guidance
  • Resilience recommendations
  • Real-time metrics and dashboards
  • Customer engagement manager
  • Expel Workbench™

Common questions

What do you consider endpoints?

When we talk about endpoints, we mean laptops, workstations and servers. We’re not including mobile devices or things like printers, thermostats and other things with an IP address.

How should I calculate my total number of user accounts?

When we talk about users we mean how many user accounts you have for apps like O365 and G suite. Our pricing is based on the largest number of users for an application we monitor. For example, if you have 5,000 user accounts for O365 and 3,000 user accounts for Okta, the total cost is based on 5,000 users.

What technology do you integrate with?

We’re constantly adding to our list of integrations but below are a few examples. You can find a more detailed list here.

Network: Palo Alto Networks and Darktrace
Endpoint: Carbon Black and Crowdstrike
SIEM: Sumo Logic and IBM QRadar
Cloud infrastructure: AWS, Azure, and GCP
Cloud applications: O365 and G Suite

What do you mean by “hunting”?

Good question. We use data from your existing SIEM, network, endpoint and cloud infrastructure to apply advanced investigative technique to find evidence of malicious activity.

People use the term “hunting” in lots of different ways, and one thing we’re trying to do is demystify it so it’s more accessible and understandable to our customers. Check out our blog to learn more.

What’s included?

All of our service levels include:

  • Monitoring by Expel analysts
  • Unlimited security device monitoring
  • Unlimited cloud application monitoring
  • Alert triage performed by Expel analysts

What resources should I count?

When we talk about resources we’re referring to three areas.

  • Compute: your servers or processors in the sky, like AWS EC2, Lambda, or Azure virtual machines
  • Storage: your standard disk like AWS S3, Blob storage and *SQL
  • Containers: how you approach scaling computer power up and down like Docker and Microservices

We get all resources aren’t created equally and weigh them a bit differently. We’re working on an easy way to estimate the cost based on your resources, in the meantime contact us for pricing.

Have more questions?

Check out our commonly asked questions page.

If you’re ready to chat in more detail, let us know. We’ll have someone get in touch and they’ll be able to talk tech.

Back To Top