Cybersecurity professional focused on automating SOC alert triage, cloud security research, and detection engineering.https://example.com/https://example.com/blog/expel-5-pro-tips-aws/https://example.com/blog/expel-5-pro-tips-aws/Practical detection engineering advice for AWS environments — from CloudTrail tuning to the queries that surface real attacker behavior.Wed, 14 Feb 2024 00:00:00 GMThttps://example.com/blog/fog-in-the-sky/https://example.com/blog/fog-in-the-sky/Cloud environments present unique logging challenges that leave security teams flying blind. A look at the gaps attackers exploit and how to close them.Mon, 15 Jan 2024 00:00:00 GMThttps://example.com/blog/expel-multi-cloud-security/https://example.com/blog/expel-multi-cloud-security/Multi-cloud environments introduce visibility gaps, inconsistent controls, and complex identity sprawl. Here's how to tackle the five most common security challenges.Thu, 02 Nov 2023 00:00:00 GMThttps://example.com/blog/expel-riot-enrichment/https://example.com/blog/expel-riot-enrichment/How RIOT enrichment helps SOC analysts distinguish signal from noise, reducing alert fatigue and improving investigation quality.Mon, 18 Sep 2023 00:00:00 GMThttps://example.com/blog/expel-detection-sprinting-gcp/https://example.com/blog/expel-detection-sprinting-gcp/A behind-the-scenes look at Expel's detection sprint methodology for Google Cloud — how we systematically build, test, and ship new detections at speed.Mon, 05 Jun 2023 00:00:00 GMThttps://example.com/blog/expel-stolen-aws-keys/https://example.com/blog/expel-stolen-aws-keys/A post-mortem on how attackers used stolen AWS access keys, what they did once inside, and how to detect and respond to this class of incident.Fri, 10 Mar 2023 00:00:00 GMT