SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers

Expel unveils tailored cyber security offerings for diverse needs

Tue, 14th May 2024

Expel, the managed detection and response (MDR) provider, has launched flexible new offerings aimed at meeting the diverse needs of modern organisations at various stages of cyber security maturity, according to a statement from the company. The expansion is designed for easy adoption across a broadening customer base, accommodating unique use cases and security requirements. These bespoke offerings facilitate easy implementation of Expel's groundbreaking MDR services into an organisation's security strategy, meeting their immediate needs while providing scope to scale over time.

Yonni Shelmerdine, Chief Product Officer at Expel, emphasised that the new offerings were far from one-size-fits-all. "We're meeting more organisations where their security programs and needs are right now - whether they're early in their journey and don't have much experience with MDR, or are further along and are considering more advanced use cases and applications," stated Shelmerdine. The company remains dedicated to enabling more organisations to adopt its leading MDR services in the face of escalating cyber threats and a crowded MDR market.

Current Expel MDR customers will not see any changes to their existing service immediately. They will, however, be migrated to these new, flexible offerings once their current contracts reach renewal from 2025 onwards. For the moment, customers with questions are encouraged to reach out to their account teams directly.

In its 2024 report, IDC named Expel as a Leader in the Worldwide Emerging Managed Detection and Response (MDR) Services segment. IDC recommended that companies of all sizes, whether or not they already have established Security Operations Center (SOC) operations, consider Expel MDR for their threat management outsourcing needs.

Expel is also adding to its automated remediation capabilities across both endpoint and cloud environments. The enhanced response actions significantly reduce an organisation's risk exposure, cutting down the mean-time-to-remediate (MTTR) and mean-time-to-contain (MTTC). These developments are particularly effective in combating identity-based attacks, which constituted 61% of all incidents identified by Expel's SOC in Q1 2024.

The upgrades include the ability to remove harmful files and registry keys, reset compromised cloud and Azure Active Directory credentials, and disable compromised cloud keys. These new response capabilities are facilitated through existing automation and AI tools incorporated in Expel's Workbench, including Ruxie, which expedites communications between customers and Expel's SOC during incidents.

Expel is additionally broadening its support for industry-leading security information and event management (SIEM) solutions, with enhanced reporting for Splunk Enterprise Security and Microsoft Sentinel. This additional reporting gives customers an evaluation of their SIEM rule configurations to ensure supportability, and advises on implementing effective rules to enhance security.

To extend its detection coverage, Expel is adding out-of-the-box rules for CrowdStrike Falcon LogScale and Splunk Enterprise Core. To round off its offering, Expel is widening the scope of its Expel Vulnerability Prioritisation service with a new integration for Qualys VMDR, enabling customers to swiftly analyse and prioritise their highest-risk vulnerabilities.
