Expel expands SIEM capabilities to meet mounting data storage needs

Expel announced expanded security information and event management (SIEM) coverage, including a new low-cost data lake offering, allowing customers to meet compliance and data storage requirements more effectively while strengthening their overall security posture.

Additionally, Expel extended integration coverage and support for several industry-leading SIEM and extended detection and response (XDR) products, including Sumo Logic Cloud SIEM and CrowdStrike Falcon LogScale environments.

“Organizations are navigating an increasingly complex landscape when it comes to the balance between cybersecurity risk, spend, and return on investment,” said Yonni Shelmerdine, CPO of Expel. “With tighter budgets and a cyber talent shortage contending with the rising number of security products (driving up data and costs), organizations need more efficiencies from their tech stack for measurable security outcomes that prove ROI. Expel MDR’s™ expanded SIEM capabilities deliver flexibility in managing security data while reducing costs and aligning with regulatory needs, perfectly timed to meet these evolving market demands.”

Expel MDR’s new and expanded SIEM coverage includes:

  • The ability for Expel MDR customers seeking data storage to provision a low-cost data lake and/or comprehensive cloud SIEM product.
  • Several new SIEM integrations, including advanced support for out-of-the-box and custom rules, and content optimization insights to help customers tune detections within Sumo Logic Cloud SIEM and CrowdStrike Falcon LogScale environments.
  • Broadened integration capabilities and added support for Google Security Operations and Palo Alto XSIAM, with advanced features expected to launch in early 2025.

Expanding on an existing alliance with Sumo Logic, Expel will now be able to offer a wider spectrum of data analytics solutions, delivering both high-efficiency and cost-effective long-term data storage and/or advanced security analytics capabilities, tailored to customers’ needs.

This new addition offers flexibility in data storage utilizing the Sumo Logic Cloud SIEM, supporting bespoke instances. It addresses storage demands, facilitates future investigations, and helps support compliance with Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Regulation (GDPR), HITRUST Common Security Framework (CSF), and other data and log collection mandates.

Expel’s enhanced SIEM capabilities empower organizations to streamline their security operations, with flexibility in data storage and compliance. By combining advanced detection capabilities with broad integration support for popular SIEM tools, Expel MDR’s expanded coverage equips security leaders with the tools needed to achieve measurable security outcomes, reduce costs, and maximize their existing security investments.

“With the rise of AI evolving the next generation of SIEM solutions, Sumo Logic continues to drive cloud security innovations to modernize SOCs and offer predictive insights, automated responses, and seamless integration with DevSecOps. Our partnership with Expel delivers a joint offering that expertly manages detection and response strategies while providing a best-of-breed Cloud SIEM technology to help customers speed up incident investigations by automatically triaging alerts and correlating threats through log analytics,” said Seth Williams, Field CTO at Sumo Logic.
