Expel

What we replace

(we know you were wondering)

Expel replaces what you’d spend on managed security service providers (MSSPs) and managed detection and response (MDR) providers. We think MSSPs have reached the ceiling of the value they can provide. They’ve beaten their customers into submission and taught them to expect less by taking a transactional, one-size-fits-all approach, managing to their SLA and prioritizing the quantity of alerts over quality of service. MDRs have emerged to fill the gap with specialized services but since they don’t replace MSSPs they’ve just forced customers to buy two different services.

Activity

MSSP

MDR

Security device management (firewall, SIEM, etc.)
Vulnerability management
Security device monitoring
Automated alert processing
24 x 7 monitoring by a staffed security operations center (SOC)
Log data collection and storage
Log data analysis
Ability to use existing security stack (vs. vendor-mandated tech)
Advanced threat detection
Proactive threat hunting
Event/alert triage performed by an analyst
Incident validation and notification
Remediation guidance
Advanced data analytics to reduce false positives
Resilience recommendations to address root cause of repeat incidents
Transparent view into analyst activities via rich portal experience
Real-time metrics to measure progress and hold vendor accountable
Alerts enhanced and prioritized with business context