AnnouncementCase StudyCheckmarkcustomer-story-iconData Sheethow-to-logoposts
skip to Main Content

Pricing

Whether you’re a Fortune 500 company or a boutique law firm, Expel can help you get better security … overnight.

You choose the attack surface you’d like us to monitor and we’ll provide 24x7 detection and response. All services include access to Expel Workbench™, communication with our SOC analysts via Slack (or Microsoft Teams) and custom recommendations that reduce risk.

Expel MDR for cloud infrastructure
If you’ve moved to the cloud, we’ll monitor your AWS, Azure or GCP environment.

Pricing is based on resources.

Expel MDR for on-prem infrastructure
For those looking to monitor some combination of their network, endpoint SIEM technology.

Pricing is based on endpoints.

Expel MDR for SaaS apps
Detect suspicious activity, like BEC, in your applications like Office 365 and G Suite.

Pricing is based on users accounts.

Expel Managed Phishing
We’ll spot the real phishes for you by investigating user reported emails.

Pricing is based on email count.

Get a quote

Looking for a quick ballpark number or want a more in depth breakdown of pricing for Expel … we’re here to help you get answers.
Complete the form to get a quote (with no strings attached).

All three options include:

  • Monitoring by Expel analysts
  • Unlimited security device monitoring
  • Alert triage performed by Expel analysts
  • Incident investigation and notification
  • Remediation guidance
  • Resilience recommendations
  • Real-time metrics and dashboards
  • Customer engagement manager
  • Expel Workbench™

Common questions

What do you consider endpoints?

When we talk about endpoints, we mean laptops, workstations and servers. We’re not including mobile devices or things like printers, thermostats and other things with an IP address.

How should I calculate my total number of user accounts?

When we talk about users we mean how many user accounts you have for apps like O365 and G suite. Our pricing is based on the largest number of users for an application we monitor. For example, if you have 5,000 user accounts for O365 and 3,000 user accounts for Okta, the total cost is based on 5,000.

What technology do you integrate with?

We’re constantly adding to our list of integrations but below are a few examples. You can find the tech we plug into here.

Network: Palo Alto Networks and Darktrace
Endpoint: Carbon Black and Crowdstrike
SIEM: Sumo Logic and IBM QRadar
Cloud infrastructure: AWS, Azure, and GCP
Cloud applications: O365 and G Suite

Have more questions?

Check out our commonly asked questions page.

If you’re ready to chat in more detail, let us know. We’ll have someone get in touch and they’ll be able to talk tech.

What resources should I count?

When we talk about resources we’re referring to three areas.

  • Compute: your servers or processors in the sky, like AWS EC2, Lambda, or Azure virtual machines
  • Storage: resources like AWS S3, Blobs and managed databases (think RDS and alike)
  • Containers: count the number of unique containers running

We get all resources aren’t created equally and weigh them a bit differently. We’re working on an easy way to estimate the cost based on your resources, in the meantime contact us for pricing.

Do you offer hunting services?

Yes, proactive hunting is available as an add-on to our MDR service for an additional fee. We take a retrospective look at data from your existing SIEM, network, endpoint and cloud infrastructure and apply advanced investigative techniques to find evidence of malicious activity.

When it comes to response and finding root cause (which some consider reactive hunting) that’s included in our MDR service.

How do you price phishing?

We price by the average number of unique emails reported to your phishing inbox.

Back To Top