# Expel Reviews **Vendor:** Expel **Category:** [Managed Detection and Response (MDR) Software](https://www.g2.com/categories/managed-detection-and-response-mdr) **Average Rating:** 4.6/5.0 **Total Reviews:** 74 ## About Expel Expel is the leading managed detection and response (MDR) provider trusted by some of the world’s most recognizable brands to expel their adversaries, minimize risk, and build security resilience. Expel’s 24x7x365 coverage spans the widest breadth of attack surfaces, including cloud, with 100% transparency. We combine world-class security practitioners and our AI-driven platform, Expel Workbench™, to ingest billions of events monthly and still achieve a 21-minute critical alert MTTR. Expel augments existing programs to help customers maximize their security investments and focus on building trust—with their customers, partners, and employees. Expel Managed Detection and Response delivers 24/7 decision support. We integrate with the tech you already have—across attack surfaces—to maximize your existing tech investments. Our platform automates analysis for your vendor alerts to filter out false positives. We’ll enrich the alerts that matter with context so we can resolve them with an average alert-to-fix of 21 minutes for critical alerts. Expel Threat Hunting provides peace of mind that your environment is secure and your defenses are optimized. Expel identifies attacks your automated detections missed, while providing insights that enable a stronger defensive strategy. You get clear guidance on how you can improve your defenses from a dedicated team of experts, without the strain on internal teams. Expel Vulnerability Prioritization accelerates your remediation process by letting you know exactly which vulnerabilities pose the greatest risk, with recommendations on next steps for immediate action. Expel Phishing takes complete ownership of your phishing inbox and provides remediation and guidance when threats enter via this critical attack vector. Unique data from your security technology helps Expel monitor and remove phishing emails from your inbox as well as protecting your entire environment from these attacks. ## Expel Pros & Cons **What users like:** - Users praise Expel for its **user-friendly interface** and smooth onboarding, enhancing visibility and simplifying security operations. (9 reviews) - Users value the **high-fidelity detection and collaborative workflows** of Expel, enhancing security maturity and response effectiveness. (6 reviews) - Users praise the **exceptional customer support** from Expel, highlighting responsiveness and a genuine investment in their success. (5 reviews) - Users value the **easy integrations** with Expel, simplifying collaboration and enhancing overall security management. (5 reviews) - Users commend Expel for its **reliability** , providing consistent, actionable insights and seamless integration with existing systems. (5 reviews) - Threat Detection (5 reviews) - Users appreciate the **automatic threat detection** of Expel, enabling fast decision-making and seamless integration with existing systems. (4 reviews) - Alert Management (3 reviews) - Immediate Response (3 reviews) - Implementation Ease (3 reviews) **What users dislike:** - Users report **communication issues** with Expel, desiring improved response times and clearer escalation processes. (4 reviews) - Users wish for more **customization options** in Expel to adapt alerts and reporting to their unique needs. (4 reviews) - Users face an **inefficient alert system** that lacks customization, making it hard to prioritize urgent notifications. (3 reviews) - Users note the **limited integration** across tools, creating inconsistencies in workflows and necessitating use of native consoles. (3 reviews) - Users find Expel to be **expensive for its limited customizable reporting** , affecting decision making and efficiency. (2 reviews) - Users highlight the **lack of automation** in Expel, leading to repetitive clarifications and reduced efficiency in operations. (2 reviews) - Limited Flexibility (2 reviews) - Poor Customer Support (2 reviews) - Inadequate Detection (1 reviews) - Users find the **inadequate remediation** and lack of customization in alerts frustrating, complicating security management efforts. (1 reviews) ## Expel Reviews ### 1. High-Fidelity MDR with Transparent Workflows That Saves Us Dozens of Hours **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Telecommunications | Mid-Market (51-1000 emp.) **Reviewed Date:** February 05, 2026 **What do you like best about Expel?** Expel has delivered the most value for us through its combination of high-fidelity detection, transparent investigation workflows, and a truly collaborative MDR experience. The Expel Workbench stands out as a core feature. We use it daily to see exactly how alerts are triaged, enriched, and investigated across our integrated tools (Microsoft Defender, Azure AD, email security, etc.). Instead of a black-box SOC, we get clear timelines, analyst notes, and evidence, which significantly improves trust and speeds internal decision-making. From a workflow perspective, Expel has reduced alert fatigue and operational overhead in a very real way. Our team no longer spends hours chasing low-confidence alerts or stitching together context from multiple consoles. Expel’s correlation and enrichment mean that when an issue is escalated to us, it’s already validated, scoped, and prioritized. That alone has saved us dozens of hours per month and allowed our internal staff to focus on higher-value risk reduction work rather than constant reactive triage. One unexpected benefit has been how much Expel improves security maturity over time, not just incident response. Their analysts routinely identify configuration gaps, logging blind spots, and detection opportunities that we wouldn’t have surfaced as quickly on our own. Those insights have directly informed improvements to our controls, tuning decisions, and roadmap. The relationship feels less like “outsourced monitoring” and more like an extension of our security team, which is rare in MDR services. Overall, Expel has provided measurable improvements in response speed, signal quality, and team efficiency, while also raising confidence with leadership by delivering clear, defensible incident narratives when it matters most. **What do you dislike about Expel?** While Expel delivers strong detection and response capabilities, there are a few areas where the experience could be improved. One challenge is the depth and parity of integration across supported tools. Some data sources provide rich context and seamless workflows, while others feel more limited, leading to inconsistencies in investigations depending on the technology involved. This occasionally requires our team to pivot back into native vendor consoles for full validation, reducing some of the efficiency gains of a centralized MDR platform. Deeper, more uniform integration across all supported tools would further streamline investigations. Another area for improvement is customization and tuning visibility. Although Expel handles alert triage very well, there are times when we would benefit from more granular control or clearer insight into detection logic, suppression rules, or escalation thresholds, especially for environments with unique risk tolerances. Limited self-service tuning can make it harder to quickly adapt detections to evolving business or threat conditions without engaging support. Finally, reporting and metrics, while clear at an incident level, could be more flexible for executive and program-level reporting. Creating customized reports that map directly to internal KPIs, compliance requirements, or frameworks like NIST or ISO sometimes requires additional manual effort. More configurable dashboards and exportable reporting options would improve leadership visibility and reduce time spent translating operational data into executive-ready insights. Overall, these are refinement opportunities rather than fundamental gaps. Addressing integration consistency, tuning transparency, and reporting flexibility would further strengthen Expel’s value, particularly for mature security teams seeking both operational excellence and strategic insight. **What problems is Expel solving and how is that benefiting you?** Before using Expel, we struggled with high alert volume, inconsistent signal quality, and limited internal capacity to monitor multiple security platforms 24/7. Alerts were coming from endpoint, identity, and email tools, but our team spent too much time validating false positives, correlating events across consoles, and determining whether something actually warranted escalation. This created response delays and made it difficult to maintain confidence that real threats wouldn’t be missed during off-hours. After implementing Expel, we gained continuous, high-fidelity monitoring with expert-driven triage and correlation across our existing security stack. Instead of reacting to raw alerts, we now receive validated, contextualized incidents with clear timelines, scope, and recommended actions. This has reduced alert noise by an estimated 80–90%, cut investigation time from hours to minutes, and improved our mean time to respond by more than 50%. Expel also solved a staffing and scalability problem. We no longer need to over-hire or maintain a fully staffed internal SOC to achieve enterprise-grade monitoring. This has resulted in meaningful cost avoidance while still giving us 24/7 coverage and consistent response quality. Internally, our security team can now focus on proactive risk reduction, architecture improvements, and control maturity rather than constant reactive triage. Finally, Expel addressed visibility and confidence gaps with leadership. We struggled to clearly explain incidents and response actions to executives in a defensible, non-technical way. Now, Expel’s detailed incident narratives and evidence-backed reporting allow us to communicate what happened, why it mattered, and how it was contained, building trust and speeding decision-making. In short, we struggled with alert overload, limited coverage, and slow response, but now we operate with validated detections, faster response, and significantly less operational burden, resulting in measurable time savings, reduced risk exposure, and a more resilient security program overall. ### 2. Clear Details, Smart Alert Prioritisation, and Proactive Remediation **Rating:** 5.0/5.0 stars **Reviewed by:** Subhajji S. | SOC Admin, Enterprise (> 1000 emp.) **Reviewed Date:** April 19, 2026 **What do you like best about Expel?** I like the way the details were shared, how the alerts are prioritised, and the proactive approach to immediate remediation. **What do you dislike about Expel?** Some alerts get triggered by a bot called ruxie, and those sometimes don’t include much detail. I’d like to see more details and better context in those alerts. **What problems is Expel solving and how is that benefiting you?** Expel triggers alerts that other tools missed, which helped us avoid multiple breaches. ### 3. Seamless Monitoring, Proactive Support **Rating:** 4.5/5.0 stars **Reviewed by:** Manish D. | Staff Security Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** September 12, 2024 **What do you like best about Expel?** I love Expel for its excellent Detection and Response capabilities and the ease of device integration, which provides a single pane view. The SOC monitoring and threat hunter teams are outstanding, offering proactive and efficient communication with stakeholders. Setting up Expel was very seamless, and I appreciate that once workbench access was provisioned, we only needed to create custom API keys to integrate our cloud native tools and services. I would definitely recommend their services. **What do you dislike about Expel?** The only thing to call out would be lack of a client-specific use case library. The detections are global, and we can't make changes specific to our infrastructure like adding prefixes/suffixes in alert notifications. This sometimes causes roadblocks for custom automation in the incident life cycle. **What problems is Expel solving and how is that benefiting you?** I use Expel for seamless monitoring of our IT infrastructure, providing continuous detection of anomalies and threats. It's a ready-to-go solution that combats evolving threats efficiently and saves us time by offering faster turnaround than building capabilities in-house. ### 4. Seamless Integrations and Intuitive Interface Streamline Security Operations **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Retail | Enterprise (> 1000 emp.) **Reviewed Date:** December 30, 2025 **What do you like best about Expel?** I really appreciate how Expel offers a wide range of API integrations, which makes it easy to connect with other tools in our security ecosystem. Their platform also provides a clean and intuitive interface for viewing all incidents and investigations in one place, which streamlines our workflow and improves visibility. **What do you dislike about Expel?** I wish Expel offered a mobile app for easier visibility when I’m away from my workstation. I’d like to see more timely and effective responses from the SOC team when comments are added to incidents or investigations, as that can sometimes feel a bit lacking. The escalation process could also use improvement, such as having a clear procedure to initiate a call for critical incidents. Lastly, some of their integration documentation could benefit from more frequent updates to keep pace with constant API changes from tools like Microsoft and others. **What problems is Expel solving and how is that benefiting you?** Expel helps our SOC by creating specific detections for a wide range of alerts and security anomalies. I really value that they thoroughly investigate everything before escalating to us, which reduces noise and ensures we only deal with actionable items. Since we’re a small SOC team internally, having Expel handle much of the threat detection workload allows us to focus on higher-priority incidents and strategic projects that need more attention. ### 5. Expel allows me to sleep at night! **Rating:** 5.0/5.0 stars **Reviewed by:** Jerry J. | Senior Technical Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** July 25, 2024 **What do you like best about Expel?** We have had a great relationship with Expel since around October 2023. They filter out stuff that is safe or expected. Expel's admin site is Workbench and is easy to deploy and use. They have a large library of integrations ready to go and adapt to integrations we need. We work with Expel on a daily basis and have not been disappointed. **What do you dislike about Expel?** Some integrations required extra effort, but Expel worked with us to to get the integrations has been great. **What problems is Expel solving and how is that benefiting you?** Expel frees us up, so we can do other tasks. ### 6. Expel MDR: An excellent tool for smaller, more focused security teams **Rating:** 4.5/5.0 stars **Reviewed by:** Faissal I. | Manager InfoSecOps, Enterprise (> 1000 emp.) **Reviewed Date:** July 24, 2025 **What do you like best about Expel?** After a brief deployment period, Expel allows my security team to focus on more complex and time consuming tasks instead of running after level 1 alerts. The response team at Expel is very supportive and knowledgeable, and provides excellent evidence collection and actionable insights. The amount of data the platform is able to ingest and act upon is impressive and allows us to feel comfortable in our broad attack surface as a cloud-based company. The incident response process is efficient, effective, and highly reliable. **What do you dislike about Expel?** Some integrations still do not have full functionality in Expel (like firewall log behavioral manipulation), and there has been a delay in certain requested features being rolled out (like support for VPN tools like Cloudflare Zero Trust, or ingestion of wider net behavioral data from directories). **What problems is Expel solving and how is that benefiting you?** We are a small under-resourced security team, and Expel's automations allow us to keep our level 1 and level 2 security in check while tackling larger projects and initiatives. The platform is easily configured and has many time-saving features and extensive reporting tools, and satisfies many aspects of our defense-in-depth approach. ### 7. Delivers truly seamless detection and response experiences across the environment. **Rating:** 5.0/5.0 stars **Reviewed by:** Tim R. | CISO, Mid-Market (51-1000 emp.) **Reviewed Date:** September 09, 2025 **What do you like best about Expel?** Their team provides comprehensive coverage across our environment, ensuring threats are identified and contained quickly without adding friction to daily operations. What stands out most is how effortless they make the entire process—from onboarding to ongoing monitoring—while maintaining deep technical expertise and clear communication. Expel has become a trusted extension of our security team, giving us confidence that our organization is continuously protected. **What do you dislike about Expel?** If there’s any downside, it’s that their breadth of insights can feel overwhelming at first, but their analysts are always quick to help prioritize what matters most. **What problems is Expel solving and how is that benefiting you?** As a small company with a very limited security team, Expel has been a game changer for us. They solve the critical problem of 24/7 detection and response that we simply couldn’t staff internally. Their analysts act as an extension of our team—monitoring, investigating, and responding to threats so we don’t have to worry about missing something important. This not only gives us peace of mind but also frees up our internal resources to focus on strategic initiatives instead of being buried in alerts. The benefit has been huge: we get enterprise-level security coverage without needing a large, dedicated SOC in-house. Expel makes it feel like we’ve multiplied the size and expertise of our security team. ### 8. Thorough Incident Analysis and Insightful SOC Team **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Consumer Services | Mid-Market (51-1000 emp.) **Reviewed Date:** November 24, 2025 **What do you like best about Expel?** Their Soc team does due diligence and deep research about any incident and provide with a lot of information regarding a case. **What do you dislike about Expel?** Their onboarding process was not super smooth as they will let you follow their instructions to connect everything. They have great documentation but sometimes as new customer you want to be assisted over a call to make sure you have configured everything correctly. **What problems is Expel solving and how is that benefiting you?** MDR. We dont have our own security operations center or security team to look at our environment 24x7 and we have partnered with Expel to address this issue. They have been great so far in their detection and reporting. **Official Response from Kaitlin Ricketts:** > Thank you for sharing your experience with Expel — we really appreciate the feedback and are glad to hear our SOC team’s in-depth investigations and reporting have been valuable for you. We also appreciate your candid input on onboarding. Our onboarding process includes opportunities for live working sessions, and our team is always available to jump on a call when needed. Some parts of setup, including integrations, are intentionally designed to be self-guided to help teams move quickly to value. Your feedback is a helpful reminder of where we can do more to clearly set expectations and highlight available support. We’d welcome the chance to learn more about your experience. If you’re open to connecting, feel free to reach out at kaitlin.ricketts@expel.com. Thank you again for being an Expel customer! ### 9. Leaps and bounds better than competitors **Rating:** 5.0/5.0 stars **Reviewed by:** James M. | Director of Information Security & Privacy, Mid-Market (51-1000 emp.) **Reviewed Date:** March 10, 2025 **What do you like best about Expel?** We’ve had a fantastic experience with Expel, and it has become an invaluable part of our security operations. From the start, the onboarding process was smooth and efficient, making it easy to get up and running without unnecessary complexity. The platform itself is intuitive and user-friendly, allowing our team to quickly access insights, investigate alerts, and take action with minimal friction. The visibility and transparency Expel provides into security events make it far easier to understand what’s happening in our environment. One of the standout aspects of working with Expel is the level of support they offer. Their team is responsive, knowledgeable, and genuinely invested in helping us succeed. Whether it’s answering questions, providing guidance, or proactively identifying potential issues, the support we receive is top-notch. Overall, Expel has been a great fit for our needs. It simplifies security operations, provides valuable insights, and offers a seamless user experience. We highly recommend it to any organization looking for a reliable and well-supported security operations solution. **What do you dislike about Expel?** One small limitation we’ve noticed with Expel is that while it offers GitHub integration, it currently doesn’t support Bitbucket. Since our team uses Bitbucket, having native integration would be a great addition. That said, the platform still provides excellent coverage, and we’ve been able to work around this gap with other security measures. Hopefully, Bitbucket support will be considered in future updates! **What problems is Expel solving and how is that benefiting you?** Expel helps us streamline security operations by providing continuous monitoring, rapid detection, and expert analysis of potential threats. It reduces the burden on our internal team by handling alert triage and investigation, allowing us to focus on strategic security initiatives rather than chasing false positives. The transparent platform and actionable insights make it easy to understand and respond to incidents quickly, improving our overall security posture while saving time and resources. ### 10. Expel Review **Rating:** 4.5/5.0 stars **Reviewed by:** Ian W. | Security Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** June 16, 2025 **What do you like best about Expel?** The function perfectly as a external SOC. Super easy portal with actionable information. They have been very responsive in the creating of custom rules for our environment and handle support tickets quickly. **What do you dislike about Expel?** They are still working on many integrations for some of our tools, they have been transparent in timelines to achieve those goals. **What problems is Expel solving and how is that benefiting you?** Expel operations as our frontline SOC freeing up time for our work force to handle other issues. ### 11. Fast Support **Rating:** 3.0/5.0 stars **Reviewed by:** Verified User in Manufacturing | Enterprise (> 1000 emp.) **Reviewed Date:** July 18, 2025 **What do you like best about Expel?** Slack integration for notifications and support requests. Support requests are handled very quickly and accurately. **What do you dislike about Expel?** Lack of support for EKS in AWS GovCloud. This was promised to us before we signed our contract, but later was removed from the roadmap. GovCloud is an essential part of our business and this lack of support leaves a large gap in our monitoring and alerting. **What problems is Expel solving and how is that benefiting you?** Our security team is small and we don't have a dedicated SOC. Expel's automated monitoring and alerting provides 24/7 coverage for detections and incidents. **Official Response from Kaitlin Ricketts:** > Thank you for sharing your experience with Expel. Everyone at Expel is appreciative when a customer writes a recommendation. Your candid feedback is appreciated. We’d welcome a conversation with you to learn more about your experience and product integration needs. We're always looking to learn and grow, and feedback from our customers is key to that journey. You can connect with me at kaitlin.ricketts@expel.com and I’ll bring in the right folks for the discussion. Thank you for being an Expel customer and look forward to connecting with you. ### 12. Have had great success with Expel both on troubleshooting and daily operations **Rating:** 5.0/5.0 stars **Reviewed by:** Paul R. | Sr. Security Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** February 27, 2025 **What do you like best about Expel?** Expel is extremely communicative letting us know what they are seeing in our environment within a very short timeframe. Their representatives and engineers are always eager to assist and get the right people on calls so that an issue can be resolved promptly. **What do you dislike about Expel?** I have not had any downfalls or issues with Expel at this time. My only small complaint is that sometimes after they have been notified of something they still report on it and open another ticket when we have already verified the issue and acknowledged it with them. **What problems is Expel solving and how is that benefiting you?** Expel is solving the problem of extending our security team so that we have less work to sift through on daily events. ### 13. Great response time from analysts **Rating:** 5.0/5.0 stars **Reviewed by:** RHYS J. | Information Security Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** February 08, 2024 **What do you like best about Expel?** Expel analysts are very prompt in response. Whenever I have a query, I always say @Ruxie and the analysts provide accurate information. 24/7 coverage is also very helpful. It is easy to navigate around the platform. Easy to implement and there are enough guidelines to work on the integrations. Customer support is prompt and easy to contact **What do you dislike about Expel?** When it comes to resolving or troubleshooting, it takes a very long time. **What problems is Expel solving and how is that benefiting you?** Expel is quickly and accurately analysing all the alerts and incidents we have in Microsoft Defender. ### 14. A smart way to handle security threats in our company **Rating:** 4.0/5.0 stars **Reviewed by:** Mohamed B. | Security operations manager, Industrial Automation, Small-Business (50 or fewer emp.) **Reviewed Date:** January 04, 2025 **What do you like best about Expel?** But what grab my attention is the quick detection and response to security threats Expel provides. It’s saved a bunch of time in monitoring threats and even in incident response. This has also integrated nicely with our existing SIEM tools, so we haven’t had to make major changes to how we currently run. Furthermore their team insights and recommendations have allowed us to be a bit more proactive about security management. **What do you dislike about Expel?** Expel is a kind of reliable solution, however, there are some aspects which deserve better mentioning. For example, alerting system has no customization, certain alerts are general, so it is challenging to prioritize the alerts received. Still, it is superb for overall security management, but there are some particular security issues that it doesn’t describe comprehensively, so we have to use some other tools to fill the gaps. **What problems is Expel solving and how is that benefiting you?** We’ve been able to solve a lot of security management problems for us using Expel. By taking away a lot of our manual tasks, its ability to automatically detect and respond to threats has cut down a lot of time our team would otherwise spend on those manual tasks. The software has easily fitted in with our current setup, allowing us to respond faster and better to security incidents. This also helps our team lower on high value projects as we have continuous monitoring of the security side of things. ### 15. Keeps cybersecurity management streamlined and efficient **Rating:** 4.5/5.0 stars **Reviewed by:** Helmi C. | IoT Solutions Architect, Computer Software, Small-Business (50 or fewer emp.) **Reviewed Date:** December 13, 2024 **What do you like best about Expel?** Without a doubt, I like Expel because it provides quite detailed actionable insights in order to make fast decisions. It is integrated with our other systems well enough so we have all our security related information in one place. I like how it’s able to deliver automatic threat detection, fast updates. In addition, being easy to use, the platform enables less experienced team members to handle it without requiring much training. **What do you dislike about Expel?** What I’ve seen as a drawback with Expel is that the way it reports could be more customizable. The default reports cover the basics, but options are few and far between when you want a little more specific or in depth insight. However, it can be a little hand limited, and if I need something slightly different, I wind up spending additional time tinkering with formatting and manually manipulating reports to work. It can slow down decision making and reduce workflows efficiencies. **What problems is Expel solving and how is that benefiting you?** With Expel we solve several key issues in our security operations. It helps to detect threat more quickly and streamline threat detection, providing actionable insights and automated response, thus sped up process and save human error. Having all of the data in one interface has made receiving data from various sources so much easier for our team to analyze security risks and make decisions. This always eventually leads to better risk mitigation and faster resolution of security issues. ### 16. One of the leading MDR service provider in the industry right now **Rating:** 4.5/5.0 stars **Reviewed by:** Manish D. | Staff Security Engineer - SecOps, Enterprise (> 1000 emp.) **Reviewed Date:** July 25, 2024 **What do you like best about Expel?** Expel's workbench MDR platform is an extensive and feature rich service offering. It has out of the box integrations available for all major service offerings like AWS, Azure, Gsuite, Okta, GitHub, Office365, Crowdstrike and many more. You can easily implement detection and response capabilities for your computing infrastructure irrespective of on-prem, cloud or hybrid architectures. Expel's 24X7 advance SOC team is highly responsive and effcient in detection and response activities. Their Service support team is extremely attentive and responsive for any sort of issues raised by customer. **What do you dislike about Expel?** They don't have any major downsides which I'm aware. The only thing which can be added to improve the offerings are automated workflows which can be helpful for remediation. **What problems is Expel solving and how is that benefiting you?** Every enterprise needs to have a next generation SOC capabilities to combat the ever growing threats and threat actors. Now building such capabilities in-house might take huge time and investment. Expel MDR is capable of providing such next generation SOC and monitoring capabilities right from the 1st day. Thanks to their experienced team of threat hunters and industry leading security tools & services. They all are trained really well and have years of experience in flagging suspicious activities in your digital infra. They also make use of AI/ML and automation to reduce the cyber dwell time and provide best in class service to its clients. ### 17. Comprehensive, capable, but still an external provider **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** October 07, 2024 **What do you like best about Expel?** The Expel team has a solid set of skills that span a reasonable breadth of what you would expect to find in a Security Operations organization and delivered via a technology platform that is both flexible and powerful. While implementation isn't necessarily simple, it is fairly straight-forward and what you would expect when looking at a service that needs to ingest things like various security platform logs. The documentation can be a mixed bag - some of the articles are fantastic and provide great details about the topics, while others feel outdated as a result of changes outside of Expel's control (e.g. when Google makes changes to how logging works, there is a lag to when Expel's documentation is updated to reflect those changes). Overall, Expel has done a great job of keeping up with our environment in terms of triaging and dispositioning alerts that come into the service. They have been responsive to additional context and information provided by our team as well. One of the key areas of strength for Expel historically has been their responsiveness to support requests from our team. In the past, these requests were quickly acknowledged and the appropriate support resources are deployed to help. More recently, this experience has been less consistent and less straightforward, in part due to changes in how support gets engaged. That said, Expel has observed and identified the unexpected downsides to some of the recent changes, and they have made a point of working directly with customers to improve it. That is a promising approach that will, hopefully, lead to a more seamless and easier support experience. **What do you dislike about Expel?** Despite the capabilities of the technical platform and the strength of the analysts providing the service, there is still a limit to the environmental/organizational knowledge inherent in the service. This leads to a fairly frequent need for engagement with our internal team to get clarification and verification. While seeking that verification is not necessarily a downside (some of these requests are absolutely necessary), they can become repetitive as a result of the lack of organizational knowledge retention within Expel specific to the customer environments. More recently, there has been some shift in the thoroughness or evidence of human analysis prior to escalation/engagement with our internal team by Expel. While the automation capabilities of Expel are impressive, they often fall short of correlating with concurrent or historic activity, which is often a rich source of context. This may not always eliminate the need for direct engagement, but it would likely cut down on the frequency and limit it to higher-impact instances. **What problems is Expel solving and how is that benefiting you?** Expel is helping us monitor our enterprise environments for cybersecurity threats. This includes employee compute endpoints, cloud resources, and SaaS. Expel provides us with "24x7x365" coverage across all of these environments using a broad array of techniques and technologies. The primary benefit we get is the human coverage to ensure high criticality and impactful security alerts and incidents are handled in a timely and efficient manner. They are effectively a force-multiplier for our internal team by providing the first line of analysis, freeing up our internal resources to focus on higher order tasks and more involved incident response and threat detection analysis efforts. ### 18. Experiences with Expel **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** January 24, 2025 **What do you like best about Expel?** What I like best about Expel is that it provides me with security alerts and ways for me to contact support in situations where I need assistance. **What do you dislike about Expel?** There are times when I receieve alerts where I have provided instructions that someone will be working in another country and so suppress those alerts but Expel still alerts about it. Support has been helpful where we follow up with those alerts to supress them. **What problems is Expel solving and how is that benefiting you?** Expel provides security detection and response to allow our business to operate efficiently and securely since we are a small tech start up company. ### 19. Great initial start with Expel **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Financial Services | Mid-Market (51-1000 emp.) **Reviewed Date:** August 01, 2024 **What do you like best about Expel?** The onboarding experience has been very structured and detailed, with Expel taking the time to address all questions. The system integration and tracking has been very helpful. The biggest ease has been the ability to verify non-malicious behavior within Slack with a quick button. Customer support has also been reasonably quick, and again it's helpful to have conversations within a Slack thread. The platform itself has an easy-to-use interface with great visibility into how logs from different applications are being used for alerts. The full visibility into the detection strategy and the ease with which we can answer questions about the specific detections for the logs, has already been very useful. **What do you dislike about Expel?** While Expel has the most integrations compared to the other products that we reviewed, the only gap that we currently have is around the number of available integrations. While there is a lot of focus on the applications that we CAN integrate, it would be helpful to understand the gaps in monitoring due to the applications in our environment that were not supported. **What problems is Expel solving and how is that benefiting you?** Provides 24/7 monitoring and ongoing expertise on latest threast, helping us to avoid hiring resources to fill these roles. ### 20. Expel is killing it **Rating:** 5.0/5.0 stars **Reviewed by:** Dave M. | Mid-Market (51-1000 emp.) **Reviewed Date:** May 13, 2024 **What do you like best about Expel?** Expel has set a new standard for what a managed SOC should be. Beyond their breadth of integrations, they provide fantastic support and somehow seem to directly connect us with an engineer when needed. Perhaps most importantly, they heavily emphasize customer feedback and continually add features and improve user experience. Expel is not your typical SOC where feature requests seem to find a black hole. **What do you dislike about Expel?** I can think of no downsides. Expel is a young company, so sometimes technical documentation is not the clearest. That's my only nit to pick and has no impacted the quality of service we receive. **What problems is Expel solving and how is that benefiting you?** Expel keeps eyes on our user accounts, corporate networks, and our cloud infrastructure. Without Expel, we would struggle to have centralized logging and alerting. Their team does a remarkable job of capturing anomalies and weeding out false positives. We can rest easy knowing that they're watching 24/7 and sending accurate alerts. ### 21. Professional and efficient. **Rating:** 4.5/5.0 stars **Reviewed by:** Jerry S. | Associate Director of Security Operations., Enterprise (> 1000 emp.) **Reviewed Date:** January 27, 2025 **What do you like best about Expel?** Ease of onboarding. Not too reactive when it comes to alerts. **What do you dislike about Expel?** There isn't much I don't like. Maybe a couple alerts I think they should have acted on. **What problems is Expel solving and how is that benefiting you?** Expel serve as our eyes and ears 24x7 but in particular those after hours alerts. ### 22. Lightning fast integration and outstanding support **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Games | Mid-Market (51-1000 emp.) **Reviewed Date:** August 07, 2024 **What do you like best about Expel?** Security operations are often an afterthought in startup environments. Our partnership with Expel ensures this isn't the case and our business and customers remain protected. During the sales process, we mapped our cloud/SaaS ecosystem to a number of MDRs, and only Expel came close. Onboarding took less than a day. Expel's new features have served us well as our business has morphed and changed. Reporting is targeted toward our security objectives. Customer relationship management is strong. Whenever we've had issues/incidents (which has been very rare), support is responsive, direct, and fast in resolving. **What do you dislike about Expel?** I haven't encountered many downsides. From a pricing perspetive, they are at the top, though for a startup like ours, I've found that the ROI counterbalanaces the cost nicely. **What problems is Expel solving and how is that benefiting you?** Expel provices 24/7 security/threat monitoring and response of our critical infrastruction. They also educate us on best-practices for achieving our security and business objectives. In doing so, they save us from having to hire this talent internally or (worse) foregoing any of this protection. ### 23. Expel MDR as part of a Hybrid SOC Strategy **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Pharmaceuticals | Enterprise (> 1000 emp.) **Reviewed Date:** August 21, 2024 **What do you like best about Expel?** Expel aim to be a true partner that can be a replacemet for a SOC or a part of a hybrid SOC model. The platform is easy to implement and instantly provides value. The product covers a widest range of log sources and can assist any company under-going a digital transformation in to the cloud. **What do you dislike about Expel?** The detection strategy isn't transparent for a customer building a hybrid SOC implementation and can make it difficult to report on detection posture. **What problems is Expel solving and how is that benefiting you?** Expel allows me to keep pace with the business, whereever they might go. In our hybrid SOC model, the transparency of the work done by Expel's experienced analysts upskill my analysts. The network effect of their detections based on what they see across customers provides robust and timely alerting without overwhleming my SOC. ### 24. Security at the Speed of Light: Expel Deliver's Peace of Mind **Rating:** 5.0/5.0 stars **Reviewed by:** Garrett C. | IT Security Analyst, Retail, Enterprise (> 1000 emp.) **Reviewed Date:** January 19, 2024 **What do you like best about Expel?** Time-To-Value was huge, we had all of our tools feeding into Expel and getting Actionable alerts within hours of starting our Proof Of Concept. Low False Positive Rate: our previous provider had a very high noise to signal ratio of alerts. Expel has vastly reduced the rate of false positives being sent to our team, freeing my team up to tackle bigger security projects and spend less time chasing ghosts. Alert to Incident times are consistently the fastest i've ever seen from an MDR provider with most Incidents being opened in less than 5 minutes after an alert is generated. Auto-Remediation Options, while more providers are offering this, it's nice to not only have these features - but Expel also offers a great deal of granularity in selecting what remediation actions can be performed on what accounts or devices through the customer context you provide. With Expel, I sleep soundly knowing if something goes wrong we've got a word class security partner watching over our environment **What do you dislike about Expel?** Expel offers extremely robust and smart features and tools in Slack, unfortunately many of those features are not also available in Microsoft Teams, as a Microsoft centric organization this has been our biggest downside. But at the end of the day it's a pretty minor annoyance. There is 1 tool that we are currently using that does not integrate natively with Expel, overall the impact is pretty minor - but it's always nice to have more integrations. **What problems is Expel solving and how is that benefiting you?** Expel eliminates false positives and reduces the gap between alerts and actions. This has taken a burden off our Security Team and has empowered us to be able to do more and tackle more meaningful long-term projects without compromising our security posture. With Expel we have a security partner who can provide relevant resiliency recommendations, giving us insight on how we can improve our security posture with every incident ### 25. Exceptional response times and easy onboarding **Rating:** 5.0/5.0 stars **Reviewed by:** Alex A. | Senior IT Systems Manager, Enterprise (> 1000 emp.) **Reviewed Date:** May 08, 2024 **What do you like best about Expel?** The time to onboard 14 security devices was quite astounding. Within 8 hours of having an environment provisioned, our workbench was fully operational. The depth and breadth of information provided to alerts and incidents has allowed our ops team to push the benchmark forward. **What do you dislike about Expel?** Nothing to complain about as of yet. All tracked service levels are being exceeded with strong margin. **What problems is Expel solving and how is that benefiting you?** Providing deep correlation across multiple security devices and log sources in ways that previously took more time and energy. Overall operational efficiency is greatly increased for our teams, ### 26. Expel **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Enterprise (> 1000 emp.) **Reviewed Date:** August 28, 2024 **What do you like best about Expel?** Expel sets itself apart from the competition by offering SLA's on alerts. This is a game changer. Without a SLA, how do you sleep at night knowing that your MSP might be handling a alert quickly or not. Expel has a very easy dashboard that offers quick insights into your environment. Sales team was easy to work with and helped design a solution that fit our company. **What do you dislike about Expel?** Expel has been running in our environment for the past 6 months and we have not run into any dislikes yet. **What problems is Expel solving and how is that benefiting you?** Expel is monitoring our environment 24/7, providing peace of mind that the experts are on it. ### 27. Expel has been a game changer for our Organization **Rating:** 5.0/5.0 stars **Reviewed by:** Liam T. | Enterprise (> 1000 emp.) **Reviewed Date:** February 01, 2024 **What do you like best about Expel?** Expel’s centralized dashboards provide valuable information to investigate threats. The data related to investigations is well organization and easy to locate key information. Expel provides notification when an investigation is kickd off which allows our security team to get a head start with investigating and remediating threats. **What do you dislike about Expel?** Expel does have some limitiations on what applications or security solutions it can be integrated with but they are always adding new solutions so we look forward to any new interractions they expand to. **What problems is Expel solving and how is that benefiting you?** Expel saves us time that our security team can spend working on more strategic projects. In addition, it allows us to keep our security team at a smaller size without putting our organziation in danger of not detecting and mitigating cyber threats. It provides use with 24/7 coverage. ### 28. Great platform platform (workbench) and SOC service **Rating:** 4.5/5.0 stars **Reviewed by:** Danilo N. | Vice President - Cybersecurity & Compliance, Enterprise (> 1000 emp.) **Reviewed Date:** May 07, 2024 **What do you like best about Expel?** The ease to integrate with their workbench platform and their knowledge to get telemetry through splunk made the implementation quick and proved value early. They have deep knowledge to build custom rules based out of splunk and quickly accelerated the time to detect and respond across the security teams. **What do you dislike about Expel?** The only thing I've disliked was the price. At some point it became hard too afford due to cost cutting and some other internal issues. They worked out a renewal at a very good deal (which is a plus) but I would still think that the overall TCO being better would be the only thing making me stay away of a 10 **What problems is Expel solving and how is that benefiting you?** Detect and respond 365/24/7 ### 29. Indeed Managed Security Service as Strategic partner **Rating:** 4.5/5.0 stars **Reviewed by:** Matloob A. | AVP InfoSec & Architect, Small-Business (50 or fewer emp.) **Reviewed Date:** July 21, 2024 **What do you like best about Expel?** The gears behind the expel engine which works inteligently with so many widley available hooks of integrations **What do you dislike about Expel?** So far nothing found any bad noise. **What problems is Expel solving and how is that benefiting you?** managed detection and response- integrated with various telematery sources of security systems logs/feeds etc.. ### 30. Great professional SOC services, always growing, but needs some interaction improvements **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Services | Enterprise (> 1000 emp.) **Reviewed Date:** May 02, 2024 **What do you like best about Expel?** The SOC is able to reduce the amount of false positives and provide analysis on alerts where needed. Threat update are VERY GOOD and we have leveraged these a good deal to assess and beter secure our environment. **What do you dislike about Expel?** Lately (within the last 6 months) there has been a reduction in commo between our groups. Example - the SOC recently elevated a alert the was a more minor conditional access to a BEC - when BEC was not the source. We clarified this to Ruxie and our Customer Rep, but did not get a resolution or recommendation for almost a month after raising it. Interactive commo (asking questions through Slack) is delayed at best - very unresponsive at worst. If a better way to interact with the SOC needs to be identified, then customers should be made aware. **What problems is Expel solving and how is that benefiting you?** As a smaller company (1200 employees) we need Expels assistance for reducing false positivates and providing the 'eyes on glass' that we need because of staffing. ### 31. No brainer! Best MDR vendor for keeping your company safe **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** February 03, 2024 **What do you like best about Expel?** accurate and valid inquiries. It is exactly what you want from your security operations center... They tell us when we need to investigate without the busy work of tracking down a lot of false positives. Implementation is a breeze, and you really are up in running in hours! Our support team is fantastic, and we love the partnership. Being a CISO and having worked with most of the major MDRs in the past, Expel is my go-to partner to monitor, detect, and respond to bad actors. I sleep better at night knowing they are watching my organization. **What do you dislike about Expel?** Expel is a vendor I would call anytime I have an organizational need for a world-class 24x7 MDR. If I had to provide one critic, they are not the cheapest option out there. However, it is true that you get what you pay for. **What problems is Expel solving and how is that benefiting you?** Expel provides 24x7x365 security monitoring of our infrastructure. It would cost 7 figures to run our own Security Operations Center. Expel doe sit for a fraction of the cost. ### 32. Great MDR partner to work with. **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.) **Reviewed Date:** July 29, 2024 **What do you like best about Expel?** Expel allows me to sleep at night, and not be paged by low level alert, and focus on projects and detections that are more important. **What do you dislike about Expel?** I wish there were more options for custom detection building. They can be a bit reliant on detections\alerts out of the box from vendors. **What problems is Expel solving and how is that benefiting you?** Around the clock triaging, deduping, escalation of alerts from our security tools. ### 33. Expel gives me the peace of mind to sleep at night. **Rating:** 5.0/5.0 stars **Reviewed by:** Matthew C. | Vice President of IT and Cloud Operations, Mid-Market (51-1000 emp.) **Reviewed Date:** January 19, 2024 **What do you like best about Expel?** CyberSecurity defense is an ever changing landscape. I need a partner that allows me to use and apply 'best of breed' solutions integrated into the SOC and MDR solutions they provide. Expel provides that! **What do you dislike about Expel?** I do not have any complaints about the Expel offering. A caveat: As with any highly customizable solution, a level of commitment is required from your internal team. You will not truly maximize the effectiveness of the solution in your organization without learning the solution and fully engaging in the custom configuration process. **What problems is Expel solving and how is that benefiting you?** I need a cyber security partner providing 24X7 SOC and MDR services accross a complicated tech stack. ### 34. Great product **Rating:** 5.0/5.0 stars **Reviewed by:** Joshua Q. | Director of IT, Mid-Market (51-1000 emp.) **Reviewed Date:** May 08, 2024 **What do you like best about Expel?** Their team is very helpful to setup our integrations and setup alerting and remediation policies **What do you dislike about Expel?** Nothing stands out from my perspective. It is great. **What problems is Expel solving and how is that benefiting you?** We have a small security team so using expel has allowed us to stay lean while still being able to react to threats ### 35. With Expel "MDR" is no longer a swear word **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Consumer Goods | Enterprise (> 1000 emp.) **Reviewed Date:** January 09, 2024 **What do you like best about Expel?** Expel offers an intuitive platform that includes integrations for most of the major security tools on the market. Those few technologies not supported out-of-the-box can still be integrated with custom detections (provided you are using a supported SIEM). With that said, the real gem of Expel is the people. Unlike some other MDR providers, Expel analysts are actual security practitioners, not people with vague understandings about IT that can read a script. **What do you dislike about Expel?** There were a couple of technologies that Expel did not offer native support for out of the gate. With that said, the value of Expel is such that I changed one of my technologies to a different vendor so that we could integrate it with Expel. **What problems is Expel solving and how is that benefiting you?** Expel is performing the inital triage to reduce the potential for alert fatigue and they help me sleep at night by providing 24x7x365 coverage. ### 36. Awesome Resource for our enviroment **Rating:** 4.5/5.0 stars **Reviewed by:** Marcus B. | Enterprise (> 1000 emp.) **Reviewed Date:** February 01, 2024 **What do you like best about Expel?** I like the growth and development of the product, the response time, interaction, and ability to resolve issues is excellent. **What do you dislike about Expel?** Cost - it is a great product and you do get what you pay for, but the cost for non-profits is high. **What problems is Expel solving and how is that benefiting you?** Bad actors never sleep, as a non-profit organization we can not staff our environment 24/7. The Expel monitoring, AI tools and analysis allow our small team to focus on other issues, while knowing there is an extra pair of eyes keeping our data safe. ### 37. Expel simplifies security monitoring with extensive integrations and timely triage **Rating:** 5.0/5.0 stars **Reviewed by:** Jeremy K. | Enterprise (> 1000 emp.) **Reviewed Date:** February 08, 2024 **What do you like best about Expel?** Expel allows our organization to focus on improving our security posture without worrying about triaging security alerts from numerous sources. They work with us for escalated investigations through remediation and closure. Our first stop in implmenting new infrastructure is to check interoperability with Expel. **What do you dislike about Expel?** While Expel integrates well for ingestion and investigation, bidirectional support to update status at the source is limited. **What problems is Expel solving and how is that benefiting you?** Expel frees up internal resources while ensuring that alerts are triaged and responded to. ### 38. Great Information and Investigations **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Food & Beverages | Enterprise (> 1000 emp.) **Reviewed Date:** January 24, 2024 **What do you like best about Expel?** When Critical Alerts come through, their workbench provides excellent data in a relatively easy to use format. They integrate with most of the services we utilize, and have some very useful auto remediations. They help to filter out benign alerts from exhausting your team, and their use of AI & Automation means you have good info at your fingertips no matter the hour. Their Team is always available to answer any questions. **What do you dislike about Expel?** The only downside we've experienced is the time it takes to tune the product to a point that you can have full confidence in it. **What problems is Expel solving and how is that benefiting you?** Expel Predominantly Solves our Alert Exhaustion and after hours investigation, They also help provide excellent intel when we receive real threats. ### 39. Expel is GREAT to work with! **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** July 22, 2024 **What do you like best about Expel?** They are easy to work with, and their customer support makes implementation, integrations and troublshooting a breeze **What do you dislike about Expel?** The alerts can be a little noisy at times. **What problems is Expel solving and how is that benefiting you?** Level 1 SOC ### 40. Collaborative, Top Notch SOC **Rating:** 5.0/5.0 stars **Reviewed by:** Vince B. | Mid-Market (51-1000 emp.) **Reviewed Date:** January 24, 2024 **What do you like best about Expel?** The Expel team (from our amazing and responsive Account Manager to the super knowledgeable Technical team) are top notch. Onboarding was a very simple process. Once onboarded, the platform and SOC team have been extremely responsive and helpful in identifying and mitigating issues. We are overall very happy with Expel. **What do you dislike about Expel?** I honestly cannot think of anything i dislike about Expel. **What problems is Expel solving and how is that benefiting you?** Early detection and remediation of anomolous activity for cloud accounts, additional oversight over our EDR management. ### 41. Expel helps free up resources **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Airlines/Aviation | Enterprise (> 1000 emp.) **Reviewed Date:** January 31, 2024 **What do you like best about Expel?** We have a relatively small security team and Expel helps up focus on the items we need to address while also freeing up time to focus on other areas that need addressed. Implementation was quick and straight forward. **What do you dislike about Expel?** I've never really experienced an area where I've had any issues that weren't resolved quickly. There isn't much to dislike about their product. **What problems is Expel solving and how is that benefiting you?** Lack of sufficient people power is the biggest. We don't have to worry about staffing a SOC and providing the specific training required. Expel has taken that burden off of us so we can focus on the more advanced items. ### 42. Good detection capabilities and great support **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Networking | Mid-Market (51-1000 emp.) **Reviewed Date:** May 08, 2024 **What do you like best about Expel?** The platform is intuitive and very easy to use. Expel helps keep en eye on all of our alerts 24/7 to enhance the coverage of our internal staff and ensures that we never miss anything important. **What do you dislike about Expel?** Currently it does not support our IdP which limits the visibility into much of our user authentication. They will be adding support this year hopefully which will close that gap. **What problems is Expel solving and how is that benefiting you?** Expel is solving the problem of providing continuous coverage to monitor security alerts from our security stack. ### 43. Expel review **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Financial Services | Small-Business (50 or fewer emp.) **Reviewed Date:** May 06, 2024 **What do you like best about Expel?** Slack implementation and news with MDR. Great customer service **What do you dislike about Expel?** Not much downside, I have least experience within our team **What problems is Expel solving and how is that benefiting you?** All endpoint devices are covered and made sure they are not being attacked. One of our end points had a malicious software installed and was alerted quickly. ### 44. Great Partner **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer & Network Security | Small-Business (50 or fewer emp.) **Reviewed Date:** May 06, 2024 **What do you like best about Expel?** The onboarding experience was quick and simple **What do you dislike about Expel?** So far we've found no downside to using expel **What problems is Expel solving and how is that benefiting you?** Expel is augmenting our small team. We don't have the bandwidth to follow up on security alerts and they are helping us respond to what we need to. ### 45. Pleased Expel customer **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** May 07, 2024 **What do you like best about Expel?** Implementation is almost trivial Required permissions for integration make sense, not overprovisioned Response to security concerns has been by-the-book excellent **What do you dislike about Expel?** Some documentation is out of date due to upgrades, but improving. **What problems is Expel solving and how is that benefiting you?** We have a small team and can't respond to incidents 24/7 ### 46. Our entire interaction with Expal has been well above par. **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Hospital & Health Care | Enterprise (> 1000 emp.) **Reviewed Date:** May 07, 2024 **What do you like best about Expel?** The team is very responsive and great! We work together to find solutions to any issues between our organization and the Expel team. **What do you dislike about Expel?** We lack some integrations due to cost. We need to work with our team to find the right level of integrations and cost to maximize our instance **What problems is Expel solving and how is that benefiting you?** I have a small team of only 2 full time cyber engineers. Expel gives us 24x7 protection and helps us to sleep better at night. ### 47. Best MDR **Rating:** 5.0/5.0 stars **Reviewed by:** Jonathan W. | Cyber Warfare Operations Officer, Small-Business (50 or fewer emp.) **Reviewed Date:** January 24, 2024 **What do you like best about Expel?** Expel is always looking to do better and be better, so we provided feedback through normal channels and while I was a member of their Customer Advisory Board and they made a ton of improvements and changes to an already excellent platform to make it even better. **What do you dislike about Expel?** They don't cover all of the tech equally. They have some integrations and detections but naturally they can't do it all. **What problems is Expel solving and how is that benefiting you?** They were an extension of my team and helped us scale while still providing security. ### 48. Great company to partner with for your SOC MDR needs. **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Manufacturing | Enterprise (> 1000 emp.) **Reviewed Date:** May 02, 2024 **What do you like best about Expel?** I like that Expel integrates with my tech stack and also allows me to automate remediation actions and responses. It frees up my team so we can work on improving our security program. **What do you dislike about Expel?** I wish Expel had the ability for me to create and schedule custom reports. **What problems is Expel solving and how is that benefiting you?** Expel takes care of our L1 triage and automated remediations as well as after hours "eyes on glass" and alerting. ### 49. Expel has been great with alerting us in a timely manner. **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Hospitality | Enterprise (> 1000 emp.) **Reviewed Date:** May 02, 2024 **What do you like best about Expel?** Expel has alerted us of threats in a timely manner. They have also been very easy and pleasant to work with. **What do you dislike about Expel?** It can sometimes take longer than we would like for their engineers to look into our inquiries, but this hasn't been a big issue. **What problems is Expel solving and how is that benefiting you?** Expel allows us to bring our monitoring and detection into one dashboard that easy to learn and work with. ### 50. Easy onboarding with top notch MDR capabilities. **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Hospitality | Enterprise (> 1000 emp.) **Reviewed Date:** January 24, 2024 **What do you like best about Expel?** We have been oboardered for only a few months now. API integrations are easy to setup by following knowledge base articles. The users interface (dashboard) provides an so much detail into alerts and investigations. The SOC anaylst have been a pleasure to work with and very knowledgable. **What do you dislike about Expel?** Integrations are limited to more popular security tools. **What problems is Expel solving and how is that benefiting you?** We needed 24/7 SOC that we did not have in house. ## Expel Discussions - [What is Expel used for?](https://www.g2.com/discussions/what-is-expel-used-for) - [View Expel pricing details and edition comparison](https://www.g2.com/products/expel/reviews?section=pricing&secure%5Bexpires_at%5D=2026-05-15+06%3A11%3A49+-0500&secure%5Bsession_id%5D=f327c568-5eb8-43f8-9be1-34fe19d5032b&secure%5Btoken%5D=e45b79f758a768ea999dc20654603cbac145b6755517a1861248bc00e021db65&format=llm_user) ## Expel Integrations - [Amazon GuardDuty](https://www.g2.com/products/amazon-guardduty/reviews) - [AWS CloudTrail](https://www.g2.com/products/aws-cloudtrail/reviews) - [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) - [Google Cloud Storage](https://www.g2.com/products/google-cloud-storage/reviews) - [Google Workspace](https://www.g2.com/products/google-workspace/reviews) - [Microsoft 365](https://www.g2.com/products/microsoft365/reviews) - [Microsoft Defender for Endpoint](https://www.g2.com/products/microsoft-defender-for-endpoint/reviews) - [SentinelOne Singularity XDR](https://www.g2.com/products/sentinelone-singularity-xdr/reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) ## Expel Features **Platform Features** - 24/7 support - Proactive report alerts - Application control - Proactive threat hunting - Rapid response time - Customizeable reports - Managed Services **Agentic AI - AWS Marketplace** - Autonomous Task Execution - Multi-step Planning - Cross-system Integration **Automation Capabilities** - Automated remediation - Automated investigation - AI Agents ## Top Expel Alternatives - [Arctic Wolf](https://www.g2.com/products/arctic-wolf/reviews) - 4.7/5.0 (275 reviews) - [Huntress Managed EDR](https://www.g2.com/products/huntress-managed-edr/reviews) - 4.9/5.0 (877 reviews) - [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) - 4.7/5.0 (374 reviews)