FAQ

Browse through our frequently asked questions. If anything is left unanswered, click the button below or contact us here.

What is Pillr?

Pillr is a cybersecurity operations solution designed to adapt to the evolving needs of IT teams and service providers. With Pillr, IT professionals can access the industry’s most performant security technologies in an intuitive, web-based platform that’s collaboratively managed by our expert 24/7/365 SOC team.

Analyze events across the entirety of your security toolset and tenants, inspecting 100% of formats and sources across endpoints and networks. Achieve true end-to-end data awareness in a single dashboard—your source of security posture truth.

Today, the platform supports over 450 integrations, and with our ‘Any service, any tool’ commitment, support for something new is possible and a part of our promise to Pillr customers.

What’s my commitment to Pillr?

Pillr is accessible in a simple, month-to-month contract; there are no minimums, and you can cancel after just one month. Plus, you can check it out before committing in a personalized demo and trial.

Our mission

Pillr is the product of the Novacoast software development division—a team with over 20 years of experience engineering advanced cybersecurity solutions, embedded in a company with a 26-year history in the industry.

Our mission is to take the detection rate of finding advanced threats from industry average 220 days down to hours. It’s a human goal—we are collectively committed to using today’s most performant technologies and time-tested processes to deliver exceptional, tangible results for our customers.

Our approach utilizes a unique combination of threat analysis, intelligence, and ongoing monitoring of endpoint activity—a context-driven comprehensive incorporating log data and feeds from third-party telemetry. Our team assesses every event, from anomalous login behavior to routine URL review to identify suspicious browser extensions, we catch threats other vendors miss.

What is SOC-as-a-Service?

SOC-as-a-Service, or SOCaaS, is the delivery of a security operations solution in the spirit of SaaS—the trend of providing services using cloud-hosted software and applications. Through a service-focused approach on a web-based platform, partners can build an enterprise-grade cybersecurity program in a subscription model that’s accessible and scalable.

SOCaaS dramatically reduces concerns of overhead of operational costs, staffing, and technology maintenance—these are managed by the service provider; no longer are customers responsible for installing network monitors or managing physical assets, wrangling compatibility and versioning issues, or upgrading.

How does it work?

Traditionally, security operations centers are set up to accommodate a pool of customers, with each customer maintaining a unique computing environment and network generating data—data that’s ultimately consumed by monitoring and response tools selected by the customer.

While this model provides a strong security posture for a provider’s customers, it lacks extensibility; IT teams are constrained by the cost and time required to maintain, update, and understand infrastructure and software. And access and configuration become especially challenging at scale. A web-based SOC solution delivered in an accessible, scalable service model allows IT teams and service providers to focus that energy and time where it’s most effective—on threat analysis, intelligence, and response.

How does SOCaaS with Pillr compare to other solutions?

Pillr is a web-based solution, so there’s no hardware or on-premises infrastructure required to monitor endpoints. For some competitors, an appliance is the foundation of their solution—an approach that presents an additional asset and endpoint that must be maintained. We see this as a liability to our users.

And we’re wary of organizations proposing pure technology-based solutions; while automation and intelligence are required to process the large quantity of data resulting from monitoring, an experienced cybersecurity analyst is the most adept decision-making asset in a SOC. With Pillr, you get all the above.

How does SIEM work on the Pillr platform?

There are many considerations when setting up a security information and event management tool, or SIEM. You must identify the data to collect, define how to manage and store that data, and guarantee it’s accessible to analysts for investigation. Plus, these details must be confirmed before you determine how to classify alerts for suspicious behavior, signs of compromise, or indication of potential compromise. It’s a lot to manage.

Pillr eliminates these challenges. The platform is designed, engineered, and supported by a team of experts capable of setting and maintaining these standards for you and helping you manage operations. Pillr always reflects the most up-to-date insights from the global threat landscape and aligns to the MITRE ATT&CK matrix—including its hundreds of defined tactics, techniques, and software.

Is Pillr SOC1 and SOC 2 compliant?

Yes, all 5 of our SOC facilities across the United States and United Kingdom are SOC 1 and SOC2 compliant.

Where is my syslog data stored?

Pillr stores your data in dedicated Microsoft Azure containers utilizing Azure Availability Enabled Zone Services. You can learn more about Azure security standards and Availability Enabled Zone Services at this link. 

How do Pillr SOC threat hunters assess data?

Pillr SOC threat hunters employ a variety of data intelligence feeds and search and visualization tools to aid detection. They’re often assessing millions of logged datapoints, and these resources help them dive into and understand the intricacies of files that may be linked to a particular exploit, for example. With the support of threat intelligence feeds, they can then confirm the validity, threat classification, a reputation of those files.

What threat intelligence feeds are a part of Pillr?

Today, Pillr utilizes over 35 threat intelligences sources to achieve our comprehensive awareness of known and potential threats and vulnerabilities, including known malicious IPs and URLs and botnet, command and control, and phishing attacks.