Lorem ipsum
Trysail Sail ho Corsair red ensign hulk
smartly boom jib rum gangway.
Lorem ipsum
Prow scuttle parrel provost Sail ho shrouds spirits boom mizzenmast yardarm. Pinnace holystone mizzenmast quarter crow’s nest nipperkin grog yardarm hempen halter furl. Swab barque interloper chantey doubloon starboard grog black jack gangway rutters.
Lorem ipsum
Our EXE blog is a great place to find helpful advice and resources from our experts. Here’s a reading list to get started:
Blog
How much does it cost to build a 24x7 SOC?
Not all 24x7 SOCs are created equal. To figure out how much it costs to go 24x7, you have to first figure out what kind of SOC you’re trying to build. We outline four possible security operations centers and an estimate of your costs.
Blog
7 habits of highly effective SOCs
Wondering what it takes to build an effective SOC full of motivated, happy analysts? We’ve got some thoughts on that.
Blog
Making sense of Amazon GuardDuty alerts
If you’re running workloads on AWS, then you’d better be running GuardDuty. But what is it and how can you make sense of all the signals? Here are our pro tips.
Blog
Generate Strong Security Signals with Sumo Logic & AWS Cloudtrail
Looking to get more or better security signals out of AWS? Then you’ll wanna read our pro tips on making the most of Amazon CloudTrail.
Blog
How to build a useful (and entertaining) threat emulation exercise for AWS
Want to test your analysts’ detection skills in the cloud? Here are our tips and tricks for building your own threat emulation exercise in AWS.
Lorem ipsum
Ready to dive into the details? Here are some case studies from our SOC:
Blog
Spotting suspicious logins at scale: (Alert) pathways to success
Find out how our SOC analysts used automation to reduce the time it takes to investigate and report a suspicious login by 75%. The team outlines the process and shares a case study of it in action.
Blog
Behind the scenes in the Expel SOC: Alert-to-fix in AWS
Wonder what real-life investigation and response looks like in the cloud? Buckle up! Our team walks you through a coin-mining attack in AWS that they recently foiled – all the way from alert to fix.
Blog
Finding evil in AWS: A key pair to remember
Our analysts had to think fast when they recently encountered an incident involving compromised AWS access keys. Find out how they identified the attack and then kicked the bad guy out.
Blog
Evilginx-ing into the cloud: How we detected a red team attack in AWS
Red team sneak attack? Bring it on. Find out how we tackled a red team attack using open source offensive security tools in AWS and what you can do to protect your org from similar attacks.
Lorem ipsum
Need some thought starters on automation or the analyst decision-making process? Check these posts out:
Blog
How to investigate like an Expel analyst: The Expel Workbench managed alert process
Ever wonder about how Expel’s analysts investigate alerts? Our SOC team created a workflow called the Expel Workbench managed alert process. Read on to find out how it works and how it can help you.
Blog
The power of orchestration: how we automated enrichments for AWS alerts
Automation is key when it comes to helping analysts focus on doing what they do best – investigating legitimate threats. Find out how we use orchestration to automate enrichments for AWS alerts.
Ready to
talk to a human?
When you tell us you’re ready, we won’t waste your time. Let us know what you’re looking for and we’ll have someone get in touch who can talk tech.
Thanks for clicking submit. Your message is now being directed to a real person.