Expel has integrated its managed detection and response (MDR) service with Google SecOps, giving organizations that run on Google Cloud an easier way to detect and respond to threats. The goal is to help security teams improve visibility and response time without adding new tools or building more internal processes.
Working Directly Inside Google SecOps
With this integration, Expel’s analysts can now investigate incidents directly within Google SecOps. They can view logs, IP addresses, domains, hosts, and file hashes all in one place, helping them identify and contain threats faster.
Cat Starkey, CTO at Expel, told MSSP Alert, “Organizations already using Google SecOps get immediate value by combining the platform's unified SIEM and SOAR capabilities with Expel's 24x7 analyst expertise, faster detection and response without needing additional headcount or building an in-house SOC,” said
For customers, that means tapping into Expel’s MDR services without reconfiguring or duplicating their existing infrastructure. Instead of managing separate dashboards or workflows, security teams can see Expel’s insights and actions directly inside Google SecOps, leveraging the same context-rich cases and automated workflows they already know. The result is a unified approach to security operations that minimizes friction while maintaining transparency and control.
Making the Most of Google’s AI Capabilities
Starkey said Expel analysts are also taking advantage of the AI capabilities within Google SecOps to improve efficiency and response times. “While Expel does use Gemini models internally to power some of our AI capabilities in Workbench, what matters for Google SecOps customers is that our analysts can take full advantage of what the platform offers, including Google's curated detections and custom rules customers build themselves,” she said.
By combining Google’s AI-powered investigation tools with Expel’s human-led analysis, the integration helps teams quickly understand what’s happening during an incident, prioritize the right actions, and reduce the time between detection and remediation. It’s an example of how managed security services are evolving, where the intelligence of the platform and the expertise of analysts work in tandem rather than in parallel.
Strengthening Partnership with Google
Beyond technical benefits, the collaboration signals a broader alignment between Expel and Google in shaping how organizations secure cloud-native environments. “We’re deepening our existing partnership with Google and a further investment into the leading SIEM platforms we know our customers are already using,” Starkey said. “It's part of Expel's consistent approach: meet customers where they are by integrating with their existing tools, deliver the same level of detection and response regardless of platform, and give them the flexibility to maximize their existing security investments rather than forcing them to rip and replace.”
This reflects a larger industry shift toward interoperability and platform-driven security. Instead of adding yet another layer of tools, Expel’s model emphasizes extending coverage through integration, allowing organizations to modernize security operations at their own pace while maintaining visibility and control across hybrid and multi-cloud environments. The integration with Google SecOps is available now, offering immediate benefits for Google Cloud customers seeking managed detection and response that aligns with their existing cloud operations strategy. most from their security investments.
