Expel Status: check for Expel outages and issues

Expel status is Operational

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Expel Alert ingestion

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Expel Phishing submissions

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

See all 19 Expel components

Last updated 1 minute ago from official status page. Learn more

Stay ahead of Expel outages

Active Incidents

Stopped Ingesting Microsoft Defender for Identity

Started 27 Mar 2025 21:29:58 (26 days ago), still ongoing

Incident without Impact

Monitoring

Alert ingestion

As part of a previously communicated Microsoft deprecation, Expel is no longer ingesting Microsoft Defender for Identity alerts (via the Microsoft Defender for Cloud Apps integration). Any customers who have onboarded a Microsoft Defender XDR device will have coverage restored shortly and begin reprocessing alerts. We recommend that customers who have the Microsoft Defender for Cloud Apps integration, but have not yet onboarded Microsoft XDR to Workbench, complete the onboarding as soon as possible. We will provide a status update once we have enabled all onboarded Defender XDR devices. In the meantime, please contact your Customer Success Manager if you need assistance with onboarding or if you have additional questions.

Monitoring: As part of a previously communicated Microsoft deprecation, Expel is no longer ingesting Microsoft Defender for Identity alerts (via the Microsoft Defender for Cloud Apps integration). Any customers who have onboarded a Microsoft Defender XDR device have coverage and alerts are being processed. We recommend that customers who have the Microsoft Defender for Cloud Apps integration, but have not yet onboarded Microsoft XDR to Workbench, complete the onboarding as soon as possible (https://support.expel.io/hc/en-us/articles/38928860545299-Microsoft-Defender-XDR-Setup-for-Workbench). Please contact your Customer Success Manager if you need assistance with onboarding or if you have additional questions.

28 Mar 2025 13:38:59 (25 days ago)

Monitoring: We have confirmed all Microsoft Defender XDR devices are enabled and ingesting data, and we are working to reprocess alerts.

We recommend that customers who have the Microsoft Defender for Cloud Apps integration, but have not yet onboarded Microsoft XDR to Workbench, complete the onboarding as soon as possible. (https://support.expel.io/hc/en-us/articles/38928860545299-Microsoft-Defender-XDR-Setup-for-Workbench) Please contact your Customer Success Manager if you need assistance with onboarding or if you have additional questions.

27 Mar 2025 22:40:50 (26 days ago)

Identified: As part of a previously communicated Microsoft deprecation, Expel is no longer ingesting Microsoft Defender for Identity alerts (via the Microsoft Defender for Cloud Apps integration). Any customers who have onboarded a Microsoft Defender XDR device will have coverage restored shortly and begin reprocessing alerts. We recommend that customers who have the Microsoft Defender for Cloud Apps integration, but have not yet onboarded Microsoft XDR to Workbench, complete the onboarding as soon as possible. We will provide a status update once we have enabled all onboarded Defender XDR devices. In the meantime, please contact your Customer Success Manager if you need assistance with onboarding or if you have additional questions.

27 Mar 2025 21:29:59 (26 days ago)

See all updates

Expel Office 365 Phishing button

Started 17 Mar 2025 14:03:35 (1 month ago), still ongoing

Incident without Impact

Identified

Phishing submissions

Microsoft is rolling out deprecation of legacy Exchange tokens that may prevent your users from being able to report emails using the Expel custom Office 365 Phishing button.

Expel is working on development and testing of an updated Expel O365/M365 Phishing button for web and desktop applications that will work with the NAA authentication scheme.

Until Expel is able to deploy the newly developed Phishing button, you should follow the instructions from Microsoft (https://learn.microsoft.com/en-us/office/dev/add-ins/outlook/turn-exchange-tokens-on-off) to enable legacy tokens for your tenant. It can take up to 24 hours for this change to take effect.

Contact support if you need assistance with this process.

Recently Resolved Incidents

No recent incidents

Expel Outage Survival Guide

A step-by-step guide to help you survive a Expel outage

NaN%

Expel Components

Expel

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Expel Workbench availability

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Workbench global network connectivity

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Workbench login

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Expel Workbench features

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Investigative actions

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

File uploads

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Expel Notifications

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Email

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Slack

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Teams

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Ticketing systems (via email, such as Jira)

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

PagerDuty

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Opsgenie

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

ServiceNow

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Expel Assembler connectivity

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Expel Alert ingestion

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Stopped Ingesting Microsoft Defender for Identity

Started 27 Mar 2025 21:29:58 (26 days ago), still ongoing

Incident without Impact

Monitoring

Alert ingestion

28 Mar 2025 13:38:59 (25 days ago)

Monitoring: We have confirmed all Microsoft Defender XDR devices are enabled and ingesting data, and we are working to reprocess alerts.

27 Mar 2025 22:40:50 (26 days ago)

27 Mar 2025 21:29:59 (26 days ago)

See all updates

Expel Slack channels for customers

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Expel Phishing submissions

Tue 15

Wed 16

Thu 17

Fri 18

Sat 19

Sun 20

Mon 21

now

Expel Office 365 Phishing button

Started 17 Mar 2025 14:03:35 (1 month ago), still ongoing

Incident without Impact

Identified

Phishing submissions

Microsoft is rolling out deprecation of legacy Exchange tokens that may prevent your users from being able to report emails using the Expel custom Office 365 Phishing button.

Expel is working on development and testing of an updated Expel O365/M365 Phishing button for web and desktop applications that will work with the NAA authentication scheme.

Contact support if you need assistance with this process.

Expel Status

Real-time updates of Expel issues and outages

Expel status is Operational

Expel Alert ingestion

Expel Phishing submissions

Active Incidents

Recently Resolved Incidents

Expel Outage Survival Guide

Expel Components

Expel

Expel Workbench availability

Workbench global network connectivity

Workbench login

Expel Workbench features

Investigative actions

File uploads

Expel Notifications

Email

Slack

Teams

Ticketing systems (via email, such as Jira)

PagerDuty

Opsgenie

ServiceNow

Expel Assembler connectivity

Expel Alert ingestion

Expel Slack channels for customers

Expel Phishing submissions

Expel Alternatives

RM Internet & E-safety

Konduto

TokenEx

SMX Secure Cloud Solutions

ThreatX

Obsidian Security

RSA ID Plus

Check Point Services