We’d love to connect with you to learn more about your team, share insight into Pillr, and answer any questions you may have.
Partner with Pillr to deliver services that demonstrate your commitment to your customers’ compliance and security requirements—with a customized reporting experience that showcases the value you provide.
Collaborative Presentation
|
Customized Reporting
|
Expert Advisory
A trusted resource for containment and recovery.
When threats arise, you want to be supported by a team capable of quickly, reliably securing at-risk data and IT systems. The Pillr Incident Response Team (IRT) is available to provide immediate service when a data breach, security incident, or systemic threat occurs.
Any observed or suspected event that may jeopardize the availability, confidentiality, or integrity of information or IT systems puts you at risk. The Pillr IRT can address these threats, including:
• Data breaches
• Email fraud & phishing
• Insider threat
• Network intrusion
• Malware infection
• Vulnerability exploitation
The Pillr IRT maintains a deliberate protocol for case management. It’s a process based in industry best practices, developed to ensure reliable, timely outcomes.
Each response case with Pillr is carefully assessed and documented to support post-event analysis and reporting compliance as IT systems are returned to a secure state.
When an incident is confirmed and escalated to the Pillr IRT:
• A dedicated IRT Coordinator is assigned to oversee response and report progress.
• Containment, eradication, and recovery protocols are set based on incident type and customer needs.
• All artifacts are collected and documented in accordance with evidence management best practices.
• Remediation processes are validated throughout to eliminate threat as the investigation evolves.
• Relevant data is collected and protected to support post-incident gap analysis, reporting, and review.
Full-service incident response can be activated by calling the Pillr 24/7/365 SOC line—the IRT responds to all retainer customer requests within three hours.
Every incident response case with the Pillr IRT is supported by these deliverables:
Pillr Incident Assessment
Capturing the pre-investigation state of the event, including details on the incident type, scope of impact, and remediation recommendations.
Investigation Status Reports
Routine investigation reporting, with the option to schedule a joint review with the Pillr IRT.
Closing Incident Report
A complete summary of the incident, with the option to collaborate with the Pillr IRT in report drafting and presentation.
End-to-end tech stack security assessment.
Identify weaknesses in your tech stack and act, supported by 20+ dedicated security assessment staff with expertise in IT management, security operations, and software development and engineering.
Pillr goes beyond conventional external and internal technology stack assessment, with testing services for mobile and wireless infrastructure, and SCADA and web-based applications.
Infrastructure
externtal + internal
cloud
SCADA
wireless
Applications
code audit
internet of things
mobile
web
People
social engineering +
email
SMS
voice
The Pillr 7-part assessment methodology is based on the Penetration Testing Execution Standard and follows industry best practices for consistent, timely engagements with impactful outcomes.
Pillr takes a full-spectrum approach to security assessment, ensuring individual security components and vectors are documented and tested to identify areas of weakness.
Pentests can be requested through your Pillr sales representative, or by calling the Pillr SOC line. All Pillr customers have access to our 24/7/365 security operations and tech support teams.
Pillr security assessments result in a comprehensive remediation report to address identified issues, including a proposed support plan by the Pillr Services and security operations teams.
The Pillr SOC team identifies a customer security breach and guides remediation
As IT service providers seek to expand business and take on mounting customer security requirements, some are exploring developing cybersecurity programs. Unfortunately, building and staffing a security operations center (SOC) is cost prohibitive and unduly challenging given the current 3.4M global cybersecurity workforce shortage.
Many are moving to collaboratively managed software solutions, like Pillr. Co-managed solutions allow MSPs to meet the 27/7/365 security monitoring needs of their customer base, while developing internal cybersecurity expertise and remaining attentive to costs.
Pillr SOC team response: Security analysts partner to verify event severity
As a part of its always-on security operations practice, Pillr SOC analysts identified an at-risk organization among a partner’s managed customer environments. The customer organization, an international toy company, had been breached via port 3389 through the use of brute force tactics.
Immediately following confirming the connection, the Pillr SOC team contacted the service provider through both email and phone to take on collaborative remediation.
Investigation: Realizing the value of always-on collaboration
Honing in on the event on the platform, the Pillr SOC team uncovered indicators the attacker was attempting to pivot through the network—after gaining access to one machine, they were attempting to move to another. Pillr advised the MSP to take the machine offline, followed by reimaging and resetting user credentials.
Additional research by Pillr threat hunters showed the bad actors had employed known-bad IP addresses and utilized wordlists, inputting multiple usernames until they gained access.
Within 48 hours, the united teams had effectively halted the breach in partnership with the customer’s embedded IT division.
Solution: MSP delivers compelling customer service with the 24/7/365 SOC service and support of Pillr
Within 48 hours, the united teams had effectively halted the breach in partnership with the customer’s embedded IT division. Now, to assess the impact. Using data analysis and investigation tooling on the platform, Pillr security analysts and threat hunters were able to identify the point of weakness in the customer’s system and determine the entry time of the bad actor—even charting their path following entry.
The SOC team then held a postmortem with the MSP, sharing insight into their findings and ensuring the partner was prepared to represent the value they delivered working in tandem with Pillr. To date, it appears no data was exfiltrated as a result of the breach given the close collaboration of Pillr and the MSP.
Minor misconfigurations lead to big internal network breaches—proactive security by Pillr
Situation: Small misconfigurations lead to big internal network breaches
Today, many organizations deploy numerous technologies to function effectively. As new hardware and software is introduced—from appliances, to business and productivity software, and operating systems—the potential to misconfigure access and permissions settings increases. Even simple misconfigurations can lead to expansive breaches.
Read how one hospital partnered with Pillr in a routine penetration test, exposing a simple JMX Server misconfiguration that allowed full domain access.
Pillr assessment: Internal infrastructure
As part of an internal infrastructure assessment, the Pillr team deployed a testing node. Selecting a regular user segment—a role reflecting the lowest possible access and permissions settings—they were able to test the strength of the system, mimicking the likely scenario of an external breach. No other authentication was provided.
Solution: Gained access to internal network with insecure software
The Pillr team discovered a server running a misconfigured Java JMX agent that didn’t require authentication. With entry to the machine, the team was able to apply post-exploitation techniques to obtain full domain administrator privileges.
Outcome: Short-term remediation, long-term security strategy
This case study demonstrates how inconspicuous configuration missteps can lead to compromising an otherwise secure network. Ultimately, the Pillr team delivered an actionable, short-term remediation solution and long-term strategy to help the hospital increase network security as their data management and protection needs matured.
Routine pentests with Pillr can help your team gauge security posture strength and identify opportunities to improve.
Routine compliance testing by Pillr uncovers leaked employee credentials
Situation: An employee’s credentials are leaked
Passwords are intended to protect networks—but used incorrectly, they can become a ready key for bad actors. It’s not uncommon for employees to use the same password across third-party sites and workplace access points, making the organization vulnerable to credential stuffing attacks. With this approach, an attacker uses leaked account credentials to access an organization’s appliances, email, or VPN—often gaining access to the entire network.
Read how one insurance firm partnered with Pillr in penetration testing, revealing a previously unknown security risk due to numerous leaked employee credentials.
Pillr assessment: External infrastructure
As part of a routine Pillr security assessment, the team performed a penetration test. The full-spectrum test allowed the team to gain clarity on the environment and situation as they cataloged every potential point of entry for the firm, including Open Source Intelligence (OSINT) reconnaissance.
Solution: Gained access to internal network with leaked credentials
In their assessment, the Pillr team identified a set of employee email credentials that had been leaked on the Darknet—the result of a third-party breach. Using one of these credentials, the team accessed the employee’s desktop via an external Citrix appliance. With a foothold in the internal organization network, they proceeded to hunt for additional vulnerabilities, ultimately gaining domain administrator privileges.
Outcome: Short-term remediation, long-term security strategy
Previous pentesting companies had deemed this insurance firm secure, where Pillr was able to penetrate their internal network and gain access to sensitive information. The final Pillr security assessment documented the firm’s weak entry points, outlined a plan of action to address immediate network vulnerabilities, and provided a long-term strategy to improve the firm’s overall security posture.
Understanding social engineering and building a preventative security program with Pillr
Situation: Popular casino hotel sets new standard for security with Pillr
Email phishing is a form of social engineering that presents unique challenges in today’s fast-paced, highly connected workplace. Disguised as a trusted source to its recipients, phishing attempts prompt users to click a link or download a file, offering a ready inroad to an organization’s networks.
Read how one casino hotel partnered with Pillr in an email phishing assessment to identify network weak points and set a new baseline for security posture.
Pillr assessment: Email phishing
Phishing emails were sent disguised as “Help Desk” to a pool of 100 employees, requesting they enter their workplace email credentials to respond to a series of security questions. Of the pool, 7 employees opened the Pillr phishing test within the testing timeframe.
Solution: 71% of sought secure information was obtained
Of the 7 opened test emails, 5 resulted in clicked links and 3 employees entered their workplace email credentials. The Pillr team was then able to use the harvested credentials to log into the organization’s externally accessible email, gaining access to sensitive information, including employee records, legal documents, and payroll information.
Outcome: Improved awareness of network and user weak points
The Pillr email phishing assessment revealed vulnerable network access points for the casino hotel and helped its IT team realize the need to teach staff to identify phishing scams. Pillr provided step-by-step guidance to fortify the organization’s network, supported by a long-term strategy to improve employee awareness of modern cybersecurity threats.
Partner with Pillr Services to identify opportunities to improve security posture in a way that’s accessible and scalable—with results you can trust.
analysts + threat hunters
dedicated SOCs
service + tool integrations
threat intelligence feeds
Our team is dynamic. We come from different backgrounds. From computer science research and IT services to government and military intelligence.
We’re prepared to provide the service and support you need to take on today’s cybersecurity challenges with confidence.
Computing Fundamentals | Incident Response | Penetration Testing | Threat Hunting | Vulnerability Management
Interested in exploring Pillr? We’d love to connect with you.