Kestra Holdings

KLA is a global leader in diversified electronics for the semiconductor manufacturing ecosystem, developing industry-leading equipment and services that enable innovation throughout the electronics industry. Virtually every electronic device in the world is produced using KLA's technologies - from smartphones, laptops, and wearables to autonomous vehicles and advanced electronics. The company provides advanced process control and yield management systems for manufacturing wafers and reticles, integrated circuits, packaging, printed circuit boards, and flat panel displays. With over 15,000 experts across more than a dozen global regions, KLA combines multidisciplinary knowledge to tackle the most complex challenges in semiconductor technology. The company invests 15% of sales back into R&D, demonstrating an unwavering commitment to innovation. Expert teams of physicists, engineers, data scientists, and problem-solvers collaborate closely with the world's leading technology providers to accelerate the delivery of tomorrow's electronic devices, ensuring that chipmakers can ramp next-generation devices to volume production quickly and cost-effectively.

Compass Group Holdings PLC operates as North America's largest foodservice and facilities services organization, coordinating 28+ specialized companies and 300,000+ associates to deliver 13 million meals daily and maintain over 1 billion square feet of space. The company's infrastructure spans hospitals, schools, corporate offices, senior living communities, and entertainment venues - critical environments where operational continuity and data integrity carry significant regulatory and operational risk. The technical environment reflects enterprise-scale complexity: Microsoft 365 and SharePoint ecosystems form the collaboration backbone, with Power Automate and Power Apps extending workflow automation across a geographically distributed workforce. Teams, OneDrive, and Outlook handle communication and file sharing for hundreds of thousands of users, while Akumina and WordPress manage external-facing properties. Electronic Medical Records (EMR) systems in healthcare settings introduce HIPAA compliance requirements and protected health information (PHI) concerns. SharePoint Online and SPFx deployments suggest custom web parts and potential attack surface in third-party integrations. The threat model is straightforward: a food services operation at this scale handles payment card data, personally identifiable information (PII) for associates and clients, and in healthcare contexts, PHI. Supply chain visibility and vendor management become critical when coordinating across dozens of specialized companies. The company's Planet Promise sustainability commitment - targeting climate net zero by 2050 through responsible sourcing and farm partnerships - extends the digital perimeter into agricultural supply chain networks and third-party data sharing arrangements. Led by CEO Dominic Blakemore, the organization's operational philosophy centers on five core values including Openness, Trust, and Integrity. For security teams, this translates to defending infrastructure that must remain accessible to a highly mobile, shift-based workforce while maintaining compliance across healthcare, education, and corporate sectors. The scale alone - 300,000+ users, daily operations in mission-critical facilities - means incident response planning isn't theoretical.

Kestra Financial operates a broker-dealer and wealth management platform serving 1,700+ independent financial professionals across the United States, managing $142 billion in assets under advisement and $70 billion in assets under management. Founded in 1997 and headquartered in Austin, Texas, the firm runs multiple regulated entities including Kestra Investment Services (broker-dealer), Kestra Advisory Services (RIA), and subsidiaries handling portfolio management, trust services, and insurance planning. The threat surface spans proprietary wealth management platform technology, broker-dealer operations infrastructure, and systems handling sensitive client financial data across nationwide operations. The tech stack includes Microsoft Office suite, Outlook, Adobe, and Redtail CRM alongside proprietary platform technology that powers end-to-end advisory solutions. Security responsibilities extend to protecting PII and financial records for thousands of advisors and their clients, maintaining regulatory compliance across SEC and FINRA domains, and securing M&A transaction data through subsidiary Bluespring Wealth Partners. The operational model combines centralized platform technology with distributed advisor networks, creating authentication, access control, and data segmentation challenges typical of multi-tenant financial services architectures. Kestra Investment Management and Arden Trust add portfolio management and fiduciary service layers requiring additional controls around transaction integrity and client account protection.

Seneca Holdings was established in 2009 when the Seneca Nation made a bold commitment to diversify its economic base beyond gaming and tobacco enterprises. Deploying $28 million in committed capital, the company exists to build a diversified portfolio of profitable businesses that deliver long-term, sustained income and economic self-sufficiency to the Seneca Nation and its 8,500+ enrolled citizens. Every investment decision is guided by the Hodinöhsö:ni´ (Haudenosaunee) Seventh Generation Principle, an ancient philosophy that demands all decisions consider their impact on the next seven generations, not just the present moment. Through strategic investments across federal government contracting, environmental solutions, travel management, and sports and entertainment, Seneca Holdings creates meaningful economic opportunities that extend far beyond financial returns. The company has added hundreds of jobs to the region and provides direct services to the Seneca people, including affordable on-territory technology through fiber broadband networks, professional development training for high school and college interns, and sponsorship of cultural events like the annual Marvin "Joe" Curry Veterans Powwow. By combining the competitive advantages inherent in the Seneca Nation's sovereign status with professional investment expertise, Seneca Holdings generates sustainable prosperity that honors both the Nation's proud heritage and its future generations.

In 2012, Par Pacific Holdings began with a vision to bring together decades-long histories of established energy businesses: Wyoming Refining Company, US Oil, Par Montana, and Par Hawaii. The founders recognized that traditional energy companies were overlooking complex markets where local communities needed reliable, dedicated fuel providers. They saw an opportunity to combine deep industry experience with financial acumen to serve these logistically-challenged markets that larger competitors often neglected. Today, Par Pacific owns and operates one of the largest energy networks in Hawaii, with additional refining and logistics assets across the Pacific Northwest and Rockies. The company operates four refineries with 219,000 barrels per day of combined capacity, owns 549 miles of pipeline and 13 million barrels of storage, and runs retail brands including Hele, 76, and nomnom. Under the leadership of CEO William Monteleone, Par Pacific continues to pursue operational excellence while expanding into renewable fuels and maintaining a commitment to the communities they serve.

Harmonia Holdings Group operates as a federal contractor delivering cybersecurity, AI/ML, and cloud modernization services to U.S. government agencies. The company holds ISO 27001:2022 and CMMI ML3 certifications and runs a 600-person technical workforce across defense, healthcare research, and veterans affairs verticals. In January 2025, Harmonia acquired Maveris as a wholly owned subsidiary to expand its cybersecurity portfolio, particularly across Department of Veterans Affairs contracts. The threat surface here is federal IT infrastructure - legacy systems at agencies like the Defense Information Systems Agency, the National Cancer Institute, and Naval operations. Harmonia's technical stack centers on DevSecOps pipelines, cloud infrastructure work, and data analytics tooling. The company also ships LiquidApps, a suite of UI development tools designed for non-developer subject matter experts to build interfaces. Core domains include software modernization, Active Directory and DNS management, and scripting in PowerShell and Bash. Founded in 2006 at Virginia Tech's Corporate Research Center, Harmonia took private equity backing from Madison Dearborn Partners in 2024. The firm is woman-owned and maintains ISO 9001:2015, ISO 20000:2018, and dual CMMI ML3 certifications for development and service delivery. Security work spans implementation and operations across competitive federal contracts, with ServiceNow deployments and infrastructure hardening as recurring engagement types.