Security News > 2021 > June > Expel rolls out managed detection and response for Microsoft
Expel for Microsoft alerts and responds to the Microsoft-specific vulnerabilities attackers typically exploit.
On Thursday, managed detection and response provider Expel announced the launch of its Expel for Microsoft offering, which automatically analyzes and prioritizes alerts across a suite of Microsoft products including Active Directory, AD Identity Protection, Azure, Microsoft Cloud App Security, Microsoft Defender for Endpoint, Office 365 and Sentinel.
Expel APIs ingests security signals from Microsoft's products along with any other third-party signals into Expel Workbench-Expel's analytics engine that triages alerts by using threat intelligence gathered from across its customer base to uncover suspicious activity.
Customized context and business rules also can be applied to help Expel's detection engine so it can learn what typical network and application traffic looks like.
"So, at the core of what we do, Expel Workbench is designed to automate as much as possible, leaving to the human the moments that are truly human."
Expel for Microsoft includes 24/7 monitoring and response for Microsoft and other vendors' security tools as well as real-time collaboration with Expel's security operations center analysts using Microsoft Teams or Slack.