
Expel Status
Real-time updates of Expel issues and outages
Expel status is Operational
Workbench login
Expel Alert ingestion
Expel Phishing submissions
Active Incidents
As part of a previously communicated Microsoft deprecation, Expel is no longer ingesting Microsoft Defender for Identity alerts (via the Microsoft Defender for Cloud Apps integration). Any customers who have onboarded a Microsoft Defender XDR device will have coverage restored shortly and begin reprocessing alerts. We recommend that customers who have the Microsoft Defender for Cloud Apps integration, but have not yet onboarded Microsoft XDR to Workbench, complete the onboarding as soon as possible. We will provide a status update once we have enabled all onboarded Defender XDR devices. In the meantime, please contact your Customer Success Manager if you need assistance with onboarding or if you have additional questions.
Microsoft is rolling out deprecation of legacy Exchange tokens that may prevent your users from being able to report emails using the Expel custom Office 365 Phishing button.
Expel is working on development and testing of an updated Expel O365/M365 Phishing button for web and desktop applications that will work with the NAA authentication scheme.
Until Expel is able to deploy the newly developed Phishing button, you should follow the instructions from Microsoft (https://learn.microsoft.com/en-us/office/dev/add-ins/outlook/turn-exchange-tokens-on-off) to enable legacy tokens for your tenant. It can take up to 24 hours for this change to take effect.
Contact support if you need assistance with this process.
Recently Resolved Incidents
We are aware of intermittent login failures for Workbench. We are actively investigating. We will provide an update at 5:30 EST.
Expel Outage Survival Guide
Expel Components
Expel Workbench availability
Workbench global network connectivity
Workbench login
We are aware of intermittent login failures for Workbench. We are actively investigating. We will provide an update at 5:30 EST.
Expel Workbench features
Investigative actions
File uploads
Expel Notifications
Slack
Teams
Ticketing systems (via email, such as Jira)
PagerDuty
Opsgenie
ServiceNow
Expel Assembler connectivity
Expel Alert ingestion
As part of a previously communicated Microsoft deprecation, Expel is no longer ingesting Microsoft Defender for Identity alerts (via the Microsoft Defender for Cloud Apps integration). Any customers who have onboarded a Microsoft Defender XDR device will have coverage restored shortly and begin reprocessing alerts. We recommend that customers who have the Microsoft Defender for Cloud Apps integration, but have not yet onboarded Microsoft XDR to Workbench, complete the onboarding as soon as possible. We will provide a status update once we have enabled all onboarded Defender XDR devices. In the meantime, please contact your Customer Success Manager if you need assistance with onboarding or if you have additional questions.
Expel Slack channels for customers
Expel Phishing submissions
Microsoft is rolling out deprecation of legacy Exchange tokens that may prevent your users from being able to report emails using the Expel custom Office 365 Phishing button.
Expel is working on development and testing of an updated Expel O365/M365 Phishing button for web and desktop applications that will work with the NAA authentication scheme.
Until Expel is able to deploy the newly developed Phishing button, you should follow the instructions from Microsoft (https://learn.microsoft.com/en-us/office/dev/add-ins/outlook/turn-exchange-tokens-on-off) to enable legacy tokens for your tenant. It can take up to 24 hours for this change to take effect.
Contact support if you need assistance with this process.