No items found.
customer sucess
>
The City of Danville

How a Municipal Government Closed Critical Browser Security Gaps and Detected Compromised Credentials Across 2,000 Endpoints

Executive Summary

After evaluating multiple browser security solutions that either created excessive operational overhead or failed to deliver additional value, the organization deployed Neon Cyber's Workforce Cybersecurity Platform.

Results were immediate, including:
  • 5-minute deployment via Group Policy
  • Identified widespread password reuse across applications
  • Discovered compromised credentials across sanctioned and unsanctioned applications
  • Real-time geolocation tracking and browser forensics
  • Responsive support and product development

Before Neon Cyber

  • Phishing attacks bypassing MFA
  • No browser activity visibility
  • Couldn't detect credential reuse
  • Limited forensic data for IR
  • Shadow SaaS apps unmonitored

After Neon Cyber

  • Phishing attacks bypassing MFA
  • No browser activity visibility
  • Couldn't detect credential reuse
  • Limited forensic data for IR
  • Shadow SaaS apps unmonitored
The organization

The City of Danville is a municipal government entity serving its community across multiple departments, with approximately 300 employees and 1,000 endpoints requiring comprehensive security to protect critical infrastructure and citizen data.

The City’s Chief Technology Officer, Agnel D’Silva, who manages both IT and cybersecurity alongside a six-person team, initiated a security transformation following a 2018 network incident that served as a wake-up call. He strengthened the City’s cybersecurity posture by implementing a multi-layered, defense-in-depth approach and advancing efforts toward a zero-trust model. The team continuously conducts risk assessments to identify security gaps and found one area that they were blind to: the browser.

The Challenge

Despite a mature security stack, 3 critical gaps remained:

Sophisticated Phishing Bypassing MFA

Modern AI-based phishing campaigns were stealing both credentials and session cookies, allowing attackers to bypass multi-factor authentication entirely. While the organization had deployed email security with additional verification layers requiring users to request release of suspicious links, they still lacked protection at the point-of-click where users actually interacted with phishing sites.

Invisible Credential Reuse

The organization prohibits password reuse but lacked the visibility needed to enforce that policy. As a result, some employees were using the same passwords across internal systems, SaaS applications, and other online services, creating significant risk, as a single compromised credential could expose the entire environment.

Browser Activity Blind Spot

While the City had strong security controls in place—XDR, email security, and endpoint protection—they offered no visibility into activity within the web browser. The team could not see browser activities such as downloads, traffic behaviors, geolocation details, or collect the forensic data needed for effective incident response.

The solution

After evaluating multiple solutions, including another browser-native security solution and application whitelisting tools, the CTO found Neon Cyber offered key differentiators

Seamless integration

Complements the City's current security stack

Immediate value

Reported on browser-level detections other tools missed

low operational overhead

Out-of-the-box functionality

Responsive partnership

Neon Cyber's leadership demonstrated willingness to listen and iterate

Strategic fit

With Neon Cyber's API, browser telemetry fed into the city's SOC, which will be a key component of its AI SOC Analyst, to triage security alerts and events

“What do we want at the end of the day? To solve a problem," D’Silva emphasized. "This is one reason we love working with startups. The Neon Cyber team has been great at responding and listening to feedback. When you're building a security product, what matters is solving problems, and they've done that.”

D’Silva
CTO, City of danville

Deployment in Minutes, Not Months

Neon Cyber’s lightweight agent was rolled out through the City’s existing Group Policy, securing all City of Danville users and endpoints within minutes—no complex integrations, no professional services, and no lengthy configuration required.

“Implementation was by far the best I've experienced," D’Silva stated. "A lot of security tools require extensive configuration and tuning. With Neon, we pushed it out via Group Policy, and it was done.”
D’Silva
CTO, City of danville

The platform worked out-of-the-box, requiring no tuning to start delivering value. Product updates push automatically, and the team simply monitors the dashboard to verify everything is functioning properly.

Integration with Existing Stack

Neon Cyber works alongside XDR (network/endpoint visibility), application control (whitelisting/extension blocking), and email security (phishing protection) to deliver real-time browser protection, credential monitoring, and forensics.

results & impact

Credential Hygiene: The Biggest Win

Neon Cyber immediately revealed widespread password reuse across the organization. Users were employing identical credentials for corporate portals, cloud SaaS applications, personal accounts, etc.

“The biggest value has been detecting compromised credentials," D’Silva explained. "Finding out users were reusing passwords for one portal and every other app—including their laptops—that was huge for us."
D’Silva
CTO, City of danville

The policy against password reuse could finally be enforced with visibility and evidence.In addition to corporate credential reuse, the security team at the City of Danville also saw when users were using compromised personal credentials to access applications on their corporate devices. When the organization notified those users that their personal passwords had been compromised, the response was appreciation. Ultimately, ensuring personal credentials followed strong identity and access standards would only bolster the city's security.

Forensic Capabilities for Incident Response

During a recent security event, Neon's geolocation data proved more accurate than native tools from major vendors. While one system incorrectly showed U.S.-based access, Neon's geolocation combined with the city's AI SOC analyst revealed the actual non-U.S. location, enabling proper threat response.

“For incident response, Neon Cyber has been really helpful," noted D’Silva. "How do you gather browser activity info and pull together a forensic chain? We couldn't before. Now with downloads, traffic, and geolocation, we have what we need for investigations.”
D’Silva
CTO, City of danville

Operational Efficiency

The contrast with previous solutions is stark:

  • Deployment time: Minutes via Group Policy compared to weeks or months with other solutions
  • Maintenance overhead: Near-zero administrative burden—no more 5-6 daily unblock requests
  • Updates: Automatic and seamless
  • No dedicated staff needed for ongoing management
“Maintenance is fantastic," D’Silva said. "They push updates, we check the dashboard, it's working. That's it."
D’Silva
CTO, City of danville

Strategic Enablement

Neon telemetry will feed into the city's AI SOC platform, which will provide centralized visibility, automated prioritization, and remediation of security tasks across all layers.

Executive Summary
The organization
the challenge
the solution
The Results & Impact

Email me this success story

Start today

Close Your Browser Security Gap

Neon Cyber protects where risk actually exists—with your users, in the browser. Deploy in minutes. See results immediately.

Schedule a demo
Learn More