Partner with Pillr to deliver services that demonstrate your commitment to your customers’ compliance and security requirements—with a customized reporting experience that showcases the value you provide.
Collaborative Presentation
|
Customized Reporting
|
Expert Advisory
A trusted resource for containment and recovery.
When threats arise, you want to be supported by a team capable of quickly, reliably securing at-risk data and IT systems. The Pillr Incident Response Team (IRT) is available to provide immediate service when a data breach, security incident, or systemic threat occurs.
Any observed or suspected event that may jeopardize the availability, confidentiality, or integrity of information or IT systems puts you at risk. The Pillr IRT can address these threats, including:
• Data breaches
• Email fraud & phishing
• Insider threat
• Network intrusion
• Malware infection
• Vulnerability exploitation
The Pillr IRT maintains a deliberate protocol for case management. It’s a process based in industry best practices, developed to ensure reliable, timely outcomes.
Each response case with Pillr is carefully assessed and documented to support post-event analysis and reporting compliance as IT systems are returned to a secure state.
When an incident is confirmed and escalated to the Pillr IRT:
• A dedicated IRT Coordinator is assigned to oversee response and report progress.
• Containment, eradication, and recovery protocols are set based on incident type and customer needs.
• All artifacts are collected and documented in accordance with evidence management best practices.
• Remediation processes are validated throughout to eliminate threat as the investigation evolves.
• Relevant data is collected and protected to support post-incident gap analysis, reporting, and review.
Full-service incident response can be activated by calling the Pillr 24/7/365 SOC line—the IRT responds to all retainer customer requests within three hours.
Every incident response case with the Pillr IRT is supported by these deliverables:
Pillr Incident Assessment
Capturing the pre-investigation state of the event, including details on the incident type, scope of impact, and remediation recommendations.
Investigation Status Reports
Routine investigation reporting, with the option to schedule a joint review with the Pillr IRT.
Closing Incident Report
A complete summary of the incident, with the option to collaborate with the Pillr IRT in report drafting and presentation.
End-to-end tech stack security assessment.
Identify weaknesses in your tech stack and act, supported by 20+ dedicated security assessment staff with expertise in IT management, security operations, and software development and engineering.
Pillr goes beyond conventional external and internal technology stack assessment, with testing services for mobile and wireless infrastructure, and SCADA and web-based applications.
Infrastructure
externtal + internal
cloud
SCADA
wireless
Applications
code audit
internet of things
mobile
web
People
social engineering +
email
SMS
voice
The Pillr 7-part assessment methodology is based on the Penetration Testing Execution Standard and follows industry best practices for consistent, timely engagements with impactful outcomes.
Pillr takes a full-spectrum approach to security assessment, ensuring individual security components and vectors are documented and tested to identify areas of weakness.
Pentests can be requested through your Pillr sales representative, or by calling the Pillr SOC line. All Pillr customers have access to our 24/7/365 security operations and tech support teams.
Pillr security assessments result in a comprehensive remediation report to address identified issues, including a proposed support plan by the Pillr Services and security operations teams.
Situation: Small misconfigurations lead to big internal network breaches
Today, many organizations deploy numerous technologies to function effectively. As new hardware and software is introduced—from appliances, to business and productivity software, and operating systems—the potential to misconfigure access and permissions settings increases. Even simple misconfigurations can lead to expansive breaches.
Read how one hospital partnered with Pillr in a routine penetration test, exposing a simple JMX Server misconfiguration that allowed full domain access.
Pillr assessment: Internal infrastructure
As part of an internal infrastructure assessment, the Pillr team deployed a testing node. Selecting a regular user segment—a role reflecting the lowest possible access and permissions settings—they were able to test the strength of the system, mimicking the likely scenario of an external breach. No other authentication was provided.
Solution: Gained access to internal network with insecure software
The Pillr team discovered a server running a misconfigured Java JMX agent that didn’t require authentication. With entry to the machine, the team was able to apply post-exploitation techniques to obtain full domain administrator privileges.
Outcome: Short-term remediation, long-term security strategy
This case study demonstrates how inconspicuous configuration missteps can lead to compromising an otherwise secure network. Ultimately, the Pillr team delivered an actionable, short-term remediation solution and long-term strategy to help the hospital increase network security as their data management and protection needs matured.
Routine pentests with Pillr can help your team gauge security posture strength and identify opportunities to improve.
Situation: An employee’s credentials are leaked
Passwords are intended to protect networks—but used incorrectly, they can become a ready key for bad actors. It’s not uncommon for employees to use the same password across third-party sites and workplace access points, making the organization vulnerable to credential stuffing attacks. With this approach, an attacker uses leaked account credentials to access an organization’s appliances, email, or VPN—often gaining access to the entire network.
Read how one insurance firm partnered with Pillr in penetration testing, revealing a previously unknown security risk due to numerous leaked employee credentials.
Pillr assessment: External infrastructure
As part of a routine Pillr security assessment, the team performed a penetration test. The full-spectrum test allowed the team to gain clarity on the environment and situation as they cataloged every potential point of entry for the firm, including Open Source Intelligence (OSINT) reconnaissance.
Solution: Gained access to internal network with leaked credentials
In their assessment, the Pillr team identified a set of employee email credentials that had been leaked on the Darknet—the result of a third-party breach. Using one of these credentials, the team accessed the employee’s desktop via an external Citrix appliance. With a foothold in the internal organization network, they proceeded to hunt for additional vulnerabilities, ultimately gaining domain administrator privileges.
Outcome: Short-term remediation, long-term security strategy
Previous pentesting companies had deemed this insurance firm secure, where Pillr was able to penetrate their internal network and gain access to sensitive information. The final Pillr security assessment documented the firm’s weak entry points, outlined a plan of action to address immediate network vulnerabilities, and provided a long-term strategy to improve the firm’s overall security posture.
Situation: Popular casino hotel sets new standard for security with Pillr
Email phishing is a form of social engineering that presents unique challenges in today’s fast-paced, highly connected workplace. Disguised as a trusted source to its recipients, phishing attempts prompt users to click a link or download a file, offering a ready inroad to an organization’s networks.
Read how one casino hotel partnered with Pillr in an email phishing assessment to identify network weak points and set a new baseline for security posture.
Pillr assessment: Email phishing
Phishing emails were sent disguised as “Help Desk” to a pool of 100 employees, requesting they enter their workplace email credentials to respond to a series of security questions. Of the pool, 7 employees opened the Pillr phishing test within the testing timeframe.
Solution: 71% of sought secure information was obtained
Of the 7 opened test emails, 5 resulted in clicked links and 3 employees entered their workplace email credentials. The Pillr team was then able to use the harvested credentials to log into the organization’s externally accessible email, gaining access to sensitive information, including employee records, legal documents, and payroll information.
Outcome: Improved awareness of network and user weak points
The Pillr email phishing assessment revealed vulnerable network access points for the casino hotel and helped its IT team realize the need to teach staff to identify phishing scams. Pillr provided step-by-step guidance to fortify the organization’s network, supported by a long-term strategy to improve employee awareness of modern cybersecurity threats.
Partner with Pillr Services to identify opportunities to improve security posture in a way that’s accessible and scalable—with results you can trust.
analysts + threat hunters
dedicated SOCs
service + tool integrations
threat intelligence feeds
Our team is dynamic. We come from different backgrounds. From computer science research and IT services to government and military intelligence.
We’re prepared to provide the service and support you need to take on today’s cybersecurity challenges with confidence.
Computing Fundamentals | Incident Response | Penetration Testing | Threat Hunting | Vulnerability Management
Interested in exploring Pillr? We’d love to connect with you.