Close this search box.

Expel – Simplifying Security: A $15B+ Opportunity

November 18 2021
Written by Jed Leidheiser

We’re thrilled to announce our investment in Expel, the cybersecurity leader at the intersection of operations and incident response.  Today, this market is known as Managed Detection & Response (MDR), where Expel is already the clear #1 choice, according to Forrester.  With this new $140M Series E financing, Expel will be at the forefront of an even greater goal – making security simple.

We first spent extensive time with Expel at our annual Montgomery Summit conference in early 2020.  What struck us most about the founders (Dave, Yanek, and Justin) is that they effectively balance the gravity of their mission with a joy for life.  After monitoring the company through a period of explosive growth and visiting the team back on the East Coast, it became clear that Expel had the vision and skillset necessary to become massively important in cybersecurity.


We consistently hear from CSOs and practitioners that their existing security solutions should be able to stop attacks.  Yet, we all know breaches continue to occur at an alarming rate. The reasons include alert fatigue, cyber skill shortages, siloed detection (e.g., no correlation between endpoint and network solutions), and a lack of known remediation in case of actual attacks.

To put the problem another way, an attack may generate an event in a log file, but there is insufficient context for a single solution or security analyst to notice it— how do you find the poisonous needle, in a stack of needles that all look the same?


Expel is a SaaS platform that detects security events, automates an organization’s Security Operations Center (SOC), and is prescriptive about how to resolve incidents.  Several key distinctions make it the gold standard:

  1. No New Sensors – Expel leverages signals that businesses already have, so customers get more value from their existing security investments. Expel correlates events across applications and infrastructure, leverages cross-organizational intel, and surfaces what truly matters.
  2. Prescriptive Actions – What’s special about Expel is that it gives time back to security analysts, by recommending or automating the best response for a particular attack.  Thus, analysts get out of “whack-a-mole” incident response and can focus on other priorities.
  3. Happy Customers – Businesses of all sizes are adopting Expel – Fortune 500 companies, small enterprises, and mid-market businesses. Perhaps surprising, is the multitude of security companies themselves that are customers, trusting Expel to protect their brands, their networks, and their data.
  4. 24×7 Support – Expel’s best-in-class operations and response team is available at the press of a button, whether organizations want a second pair-of-eyes or expert assistance with a thorny issue.  The deep experience of the Expel team—its founders previously led FireEye/Mandiant—should come as no surprise.

The above capabilities are all packaged in an API-based solution that can be deployed in a matter of hours, supports both cloud and on-prem environments, and covers everything from applications and infrastructure, to network and endpoints.  This unique approach stops attacks, frees up resources, and ultimately levels the playing field with attackers.


According to Gartner, 61% of organizations are increasing their security spend.  It is our belief that new purchases must be indispensible in protecting organizations from attack.  Stepping up is Expel, which fulfills “monitoring & response” within the industry’s reference architecture.

This financing allows Expel to continue innovating in a rapidly growing market, roll-out new capabilities, and accelerate their go-to-market.  We are excited to partner with Dave, Yanek, Justin, and all Expletives on this journey!

Topics Covered