El Pollo Loco operates nearly 500 quick-service restaurant locations across the United States, each fire-grilling citrus-marinated chicken over open flame for 60 minutes daily. Founded in 1975 in Guasave, Sinaloa, Mexico, the chain expanded to the U.S. in 1980 and now maintains a distributed operational footprint requiring consistent point-of-sale systems, payment processing infrastructure, and supply chain coordination across hundreds of physical sites.
The security stack reflects a multi-location restaurant environment with endpoints, privileged access, and perimeter needs at scale. Tooling includes SentinelOne for endpoint detection, CyberArk and BeyondTrust for privileged access management, and Palo Alto Prisma Access for distributed network security. Email and web filtering run through Mimecast and Barracuda, with Imperva handling application layer defense. Vulnerability scanning uses Nessus, with Tanium and Atera covering endpoint management and remote support. Active Directory auditing runs on ADAudit, DLP is deployed for data protection, and TrustArc supports privacy compliance. DMARC is configured for email authentication.
The threat model centers on payment card environments across hundreds of locations, franchise or corporate site connectivity, third-party vendor access for supply chain and point-of-sale systems, and customer data handling under payment card industry and state privacy requirements. With a CEO-led operation and no disclosed headcount, security operations likely involve managing tooling efficiency and visibility across a geographically dispersed restaurant footprint while balancing operational uptime requirements inherent to fast-casual dining.