Are managed security service providers (MSSPs) already yesterday’s news? Can alerts be replaced with answers delivered remotely?
Most market forecasters say that as security demands spike a glaring lack of trained security professionals has and will continue to prompt outsourcing to third parties. But Expel, a two-year old, Herndon, VA-based security startup thinks it has a better way, a platform it calls transparent managed security. With $20 million in new Series B funding to add its earlier $7.5 million haul, we're going to see if the company can prove it. The capital investment was led by Scale Ventures, one of whose partners, Ariel Tseitlin, will take a seat on Expel’s board of directors. Expel said it plans to use the money for the standard things -- accelerate product development and amp up go-to-market activities -- but didn't get any more specific.
Fittingly, the company positions itself on its website as an outsider, “an irreverent tribe focused on helping our customers love security, rebelling against the status quo and getting $#*! done.” It also says it’s an “antidote for companies trapped in failed relationships with their MSSPs and those looking to avoid the frustration of working with one in the first place.” It's good promotional rhetoric so far.
Three Managed Security Differentiators?
Honestly, it’s hard to tell if we're talking about clever market positioning or fightin’ words. No matter, what can be safely said is Expel is founded on three precepts:
- A less than favorable opinion of MSSPs, who as a group, says Expel, don’t deliver on their promise;
- a contention that most security product innovation can be deployed only by the one percent of elite security outfits -- what about the other 99 percent? And...
- its Workbench platform and analyst team helps you to help yourself.
Boiled down, Expel wants to sell IT security on the opportunity to spend less time operating products and dealing with alerts and more on minimizing risk.
“MSSPs have failed to deliver on the value they promised. They’ve beaten their customers into submission and taught them to expect less,” said Dave Merkel, Expel co-founder and CEO. “They’re alert factories that take 1,000 alerts from customers’ devices, repackage them into 100 alerts and promptly toss them back over the fence to the customer. It’s 2018. We don’t think grown security professionals should still be chasing alerts. Expel helps CISOs get out of that rut so they can focus on making decisions and managing risk.”
Shared Security Dashboard
How, exactly, does Expel help CISO’s break the inertia? For one thing, the company sets up its security platform by building on its customers’ existing security product set. It also offers a suite of services, including analysts (there are 16 of them at the moment) tasked with investigating alerts and monitoring environments, telling clients what to do if a problem surfaces, and informing customers how to fix the root cause of recurring issues. One of its selling points is that customers share an interface with Expel’s analysts to watch investigations as they unfold with the opportunity and means to act immediately. That’s the “transparency” part.
Expel maintains out of the box integration with endpoint security suppliers Carbon Black, Cisco, Endgame and Tanium; network security providers Bricata, Cisco, Palo Alto Networks and Zscaler; and, SIEM specialists LogRhythm, Splunk and Sumo Logic. The company says there are more to come as the need arises.
“The biggest gap in the information security market isn't a lack of interesting, innovative technology to generate security signal in your (endpoint, network, cloud) infrastructure," Merkel wrote in a blog post. It's the inability to make innovation actionable and affordable by the rest of us that's the problem.