After your device is connected, you can perform a test to see Expel in action in your environment.

Create an Azure Automation Account named expeltestautomation, and we'll produce an incident as if this were malicious activity. You don’t have to do anything in the automation account.

There's nothing inherently malicious in creating an automation account; this is just an easy way to simulate how Expel responds to actual malicious events.

To create a test alert:

  1. Log in to the Azure portal.

  2. From the top menu, select + Create a resource.

  3. Under Categories, select IT & Management Tools, and then select Automation.

  4. Select Create.

  5. Select a Subscription and Resource Group.

  6. Type the Automation account name expeltestautomation.

  7. Select a Region.

  8. Select Review + Create, then Create.

    Within 10-15 minutes, you get an email from soc@expel.io with the subject line "Findings ready for review".

  9. Select the link in that notification to see the findings report.

Note

You can delete the automation account immediately after creating it.