We’d love to connect with you to learn more about your team, share insight into Pillr, and answer any questions you may have.
Pillr is a cybersecurity operations solution designed to adapt to the evolving needs of IT teams and service providers. With Pillr, IT professionals can access the industry’s most performant security technologies in an intuitive, web-based platform that’s collaboratively managed by our expert 24/7/365 SOC team.
Analyze events across the entirety of your security toolset and tenants, inspecting 100% of formats and sources across endpoints and networks. Achieve true end-to-end data awareness in a single dashboard—your source of security posture truth.
Today, the platform supports over 450 integrations, and with our ‘Any service, any tool’ commitment, support for something new is possible and a part of our promise to Pillr customers.
Pillr is accessible in a simple, month-to-month contract; there are no minimums, and you can cancel after just one month. Plus, you can check it out before committing in a personalized demo and trial.
A security escalation is a question, investigation, or Workflow-triggered communication from a partner regarding a security event in the portal. This could include a general request, like, “Could you help me understand this ticket?” as well as specific requests, like, “Could you provide the last 24 hours of login data for this user?” Each escalation is filed as a case with Pillr Support.
When a case is filed with Pillr Support, or a Workflow escalation is initiated, partners can expect an initial response within 15 minutes; detailed communication will be delivered within 30 minutes of the case filing, including investigation details. Pillr is committed to being a guiding voice to our partners as they address security issues. In this effort, we may recommend escalation to the Pillr Incident Response service team.
Initial response time: 15 minutes
Investigation time—for detailed response: 30 minutes
Target resolution time: Dependent on situation variables
While every case we receive is important to our team, we prioritize security escalations due to the time-sensitive, potentially impactful nature of these issues.
Technical escalations capture questions or requests for assistance from a partner regarding the Pillr portal and associated technology. This includes but is not limited to questions regarding agent deployment and management, the addition of customers and/or user accounts, integrations, the Pillr Knowledge Base and/or user interface, reporting capabilities, search experience, threat intelligence, and customizable Pillr Workflows. Each escalation is filed as a case with Pillr Support.
While Pillr will assist with queries and questions, partners have full control over their Pillr tenant—they are free to implement changes, such as adding integrations or scheduling reports. We encourage partners to utilize our documentation when implementing changes to the portal.
When a case is filed with Pillr Support, partners can expect an initial response within 15 minutes. Most cases filed with Pillr Support are promptly addressed via call or email.
If needed, we will liaise with our development team to mitigate the recurrence of technical issues. Where the issue requires assistance from the development team, resolution may be dependent on further investigation and implementation of back-end changes. The time to resolution for these cases varies depending on the nature of the problem; however, we are committed to openness and transparency, providing timely updates on the case status to our partners.
Pillr is the product of the Novacoast software development division—a team with over 20 years of experience engineering advanced cybersecurity solutions, embedded in a company with a 26-year history in the industry.
Our mission is to take the time to detect advanced threats from the industry average of 220 days down to hours. It’s a human goal—we are collectively committed to using today’s most performant technologies and time-tested processes to deliver exceptional, tangible results for our customers.
Our approach utilizes a unique combination of threat analysis, intelligence, and ongoing monitoring of endpoint activity—a context-driven comprehensive incorporating log data and feeds from third-party telemetry. Our team assesses every event, from anomalous login behavior to routine URL review to identify suspicious browser extensions, and we catch threats other vendors miss.
SOC-as-a-Service, or SOCaaS, is the delivery of a security operations solution in the spirit of SaaS—the trend of providing services using cloud-hosted software and applications. Through a service-focused approach on a web-based platform, partners can build an enterprise-grade cybersecurity program in a subscription model that’s accessible and scalable.
SOCaaS dramatically reduces concerns about the overhead of operational costs, staffing, and technology maintenance—these are managed by the service provider; customers are no longer responsible for installing network monitors or managing physical assets, wrangling compatibility and versioning issues, or upgrading.
Traditionally, security operations centers are set up to accommodate a pool of customers, with each customer maintaining a unique computing environment and network generating data—data that’s ultimately consumed by monitoring and response tools selected by the customer.
While this model provides a strong security posture for a provider’s customers, it lacks extensibility; IT teams are constrained by the cost and time required to maintain, update, and understand infrastructure and software. And access and configuration become especially challenging at scale. A web-based SOC solution delivered in an accessible, scalable service model allows IT teams and service providers to focus that energy and time where it’s most effective—on threat analysis, intelligence, and response.
Pillr is a web-based solution, so there’s no hardware or on-premises infrastructure required to monitor endpoints. For some competitors, an appliance is the foundation of their solution—an approach that presents an additional asset and endpoint that must be maintained. We see this as a liability to our users.
And we’re wary of organizations proposing pure technology-based solutions; while automation and intelligence are required to process the large quantity of data resulting from monitoring, an experienced cybersecurity analyst is the most adept decision-making asset in a SOC. With Pillr, you get all the above.
There are many considerations when setting up a security information and event management tool, or SIEM. You must identify the data to collect, define how to manage and store that data, and guarantee it’s accessible to analysts for investigation. Plus, these details must be confirmed before you determine how to classify alerts for suspicious behavior, signs of compromise, or indication of potential compromise. It’s a lot to manage.
Pillr eliminates these challenges. The platform is designed, engineered, and supported by a team of experts capable of setting and maintaining these standards for you and helping you manage operations. Pillr always reflects the most up-to-date insights from the global threat landscape and aligns to the MITRE ATT&CK matrix—including its hundreds of defined tactics, techniques, and software.
Yes, all 5 of our SOC facilities across the United States and United Kingdom are SOC 1 and SOC 2 compliant.
Pillr stores your data in dedicated Microsoft Azure containers utilizing Azure Availability Enabled Zone Services. You can learn more about Azure security standards and Availability Enabled Zone Services at this link.
Pillr SOC threat hunters employ a variety of data intelligence feeds and search and visualization tools to aid detection. They’re often assessing millions of logged datapoints, and these resources help them dive into and understand the intricacies of files that may be linked to a particular exploit, for example. With the support of threat intelligence feeds, they can then confirm the validity, threat classification, and reputation of those files.
Today, Pillr utilizes over 35 threat intelligence sources to achieve our comprehensive awareness of known and potential threats and vulnerabilities, including known malicious IPs and URLs and botnet, command and control, and phishing attacks.