Expel

Vendor-neutral MDR founded by former Mandiant leaders, known for transparent operations and an API-only bring-your-own-tech model.

CompanyManaged Security Service ProvidersCloud

Pricing: Custom (contact sales)

Reviewed by the CyberSecTool editorial team against the public sources cited below · Last reviewed June 2026 · How we review listings

What is Expel?

Founded in May 2016 by ex-Mandiant/FireEye veterans Dave Merkel, Justin Bajko, and Yanek Korff, Expel takes a deliberate stance: no proprietary agent, full transparency into SOC activity via the Workbench portal, and integration with whatever security tools the customer already owns. The company reached unicorn status in November 2021 and was named a Leader in The Forrester Wave for MDR Services, Q1 2025. Independent and private.

Best for: Teams that already own a quality EDR/SIEM/cloud stack and want a transparent, vendor-neutral SOC layered on top
Pros
  • Genuinely vendor-neutral: no Expel agent, integrates with existing EDR/SIEM/cloud stack
  • Transparent operations via Workbench (customers see every analyst action in real time)
  • Strong public commitments such as a 13-minute MTTR for critical threats
  • Founding team's Mandiant lineage gives credibility in IR and detection engineering
Considerations
  • 'Bring your own tech' means customers must already own (and license) suitable EDR/SIEM/cloud tooling
  • Premium pricing relative to bundled MSSP offerings
  • Limited public pricing; sales-led

Reported in public reviews and vendor documentation. See sources below.

Key Features

MDR across endpoint, cloud, SaaS, identity, Kubernetes, and network
Managed SIEM
Phishing investigation and response
Threat hunting
Auto-remediation / automated containment with customer approval
Expel Intel threat intelligence
24/7 SOC monitoring with named MTTR commitments

Are you Expel? Improve this listing with screenshots, case studies and more.

Sources & references

Where the information on this listing comes from. Always verify pricing and capabilities against the vendor before a purchasing decision.

Spot an error, or do you represent Expel? Request a correction.