Meet Dave Merkel, Co-Founder and CEO at Security Operations Provider: Expel

Expel is a security operations provider that aims to make cybersecurity easy to understand and use, making the industry more accessible and transparent.

Expel helps companies of all shapes and sizes minimise business risk. Expel’s technology and people work together to make sense of security signals—with our customers’ business in mind—to detect, understand, and fix issues fast. The collaborative experience in the Expel Workbench™ platform enables customers to choose how they run their security operations—whether that’s following along with live investigations, or receiving alerts at every step from when an investigation starts until it’s done.

By employing a “bring-your-own-tech (BYO-tech)” approach and making sense of security signals with business context in mind, Expel’s team addresses gaps within a business’s security coverage.


How did you come up with the idea for the company?

The idea for Expel came to me and our other two founders in 2015 when we saw a tweet from a respected industry analyst claiming that managed security service provider (MSSP) customers had endured “the customer service equiv. of taxi drivers.” With all due respect to taxi drivers, we recognised a big opportunity to change the managed security industry by delivering a more delightful security experience to organisations.

We founded the company in 2016, and at that time, our competitors were predominantly services businesses. They mainly relied on humans to drive results, which meant that as those businesses scaled, the quality of the service dropped. And as they hired more people to grow, coordination became more complicated, and quality kept dropping. We started Expel with the belief that humans should still be part of the cybersecurity workflow, but technology could be a differentiator, and allow us to scale while maintaining quality.

We also saw a lack of transparency across the industry. So many MSSPs and managed detection and response (MDR) vendors use a proprietary, “black box” approach that obscures what they’re doing. We made transparency a cornerstone of Expel.

We work with all the security tools our customers already have in place, ingest their alerts, and only pass along the real issues with business context in mind. Our analysts investigate alerts and monitor customer environments, in full view of our customers’ security team. We often work arm-in-arm with them on investigations.

We tell them exactly how to address incidents, and help them fix the root cause of issues that happen over and over again. We even automatically remediate threats for any customers that opt into it. It’s pretty simple, but it’s radically different from what others in our space were doing at the time, and still do today.


How has the company evolved over the last couple of years?

The last few years have been quite a ride for us. On the technology side, we’ve taken big steps to protect our customers’ ever-changing environments. While we started with a focus on on-prem environments, we’ve kept pace to protect cloud environments as well—we’re actually some of the best in the biz—and have capabilities and solutions for Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure. We rolled out the first MDR for Kubernetes environments recently.

As a security operations provider, we also integrate with the security tools our customers already use. This year, we’ve grown to now integrate with more than 100 security tools, meaning that we’re helping organisations unlock even more value from their security investments.
In terms of our footprint, we’ve recently expanded into EMEA, and are now operating in the United Kingdom, Ireland, Sweden, and the Netherlands. We had a handful of customers already in EMEA, and saw from our experience with them that we were well equipped to address cybersecurity challenges here. We officially launched here so we could continue building our presence.

And that leads to our team. We’ve grown a lot this year, and have now surpassed 500 employees between the US and EMEA. I couldn’t be prouder of what this amazing group of professionals has accomplished. We simply wouldn’t be here today without our people.

What can we hope to see from Expel in the future?

We will continue investing in the products and technology our customers need to protect their environments. The attack surface is constantly expanding and criminals are getting more sophisticated, so that investment has always been a focus for us and always will be.

We’re also paying close attention to macroeconomic conditions, because those issues could potentially create headwinds for our customers, meaning they might not be able to invest in headcount to shore up their internal teams. The problem is, the threats don’t go away so we’re making sure we’re ready to help those organisations if and when that time comes,—in an economical and cost-effective way.

We also anticipate that we’ll grow our channel partnerships significantly in EMEA, with a focus on quality over quantity. We’ve had a lot of success with our channel partnerships in the US over the last 18 months or so, and we’re taking a channel-first approach in EMEA, so establishing trusted and productive partnerships with resellers is a big goal for us, helping us reach even more organisations.

Lastly, we’re looking to continue our international expansion, both within EMEA and in other regions around the world.

Whenever I take the opportunity to look back at what this company has accomplished, I’m always amazed. The great thing is, we’re just getting started.