Blog Posts

Despite its growing role in incident response, understanding cybersecurity insurance coverage can still be daunting for many organizations. In this blog, we discuss what cybersecurity insurance is, what to look for within your policy, and what is not typically covered by most policies to help you feel more prepared when submitting a claim.

Here's a quick look at cybersecurity initiatives to think about tackling in Q4 or integrating into your roadmap for this upcoming year.

Having proper security controls in place are critical to preventing both the frequency and severity of cyber incidents.

In Part Two of our blog with CrowdStrike, we share proven strategies and techniques for effective large-scale remediation efforts.

Can new AI models such as ChatGPT be used to help cybersecurity teams? Yes! Here are three quick use cases.

In this blog, we look at 8 examples of best practices that can be implemented to provide for a more resilient architecture.

Host-based microsegmentation offers a wide range of advantages over legacy counterparts allowing organizations to apply segmentation at much deeper granularity including host, user, or application levels.

Logs are critical sources for forensics investigations. This blog looks at various log sources and the key takeaways to consider when building the retention strategy that's best for your organization.

Gaining access to Active Directory is often a goal of threat actors during an intrusion. In this blog, we look at two key workstreams that add security layers making it more difficult for threat actors to achieve this goal.

The worst of the Log4j fire drill might be behind us (for now), but the opportunity for new exploits still remains. Learn how a Software Bill of Materials (SBOM) and other best practices can help reduce future impacts and improve your overall security posture.

In Part 2 of our Improving Cybersecurity Resilience blogs, we cover five additional capabilities that round out the list of security basics that we believe all organizations should implement.

Credentials being stolen, reused, or even guessed often leads to an intrusion, or turns what could have been a small incident into an enterprise-wide issue. Multifactor Authentication (MFA) is a critical layer of protection to help minimize this risk.

MOXFIVE recommends these six capabilities as a starting point for improving resilience due to their outsize contribution to reducing risk and mitigating damage.

Enabling Local Administrator Password Solution (LAPS) can help greatly reduce the blast radius of a cyber-attack and is a quick and simple process for most environments.

Using cloud-based services can help not only lift the burden of day-to-day IT and security tasks, but they can also provide a significant benefit when dealing with a ransomware attack.

The lines between forensics and recovery can easily blur during incident response. Using an approach that delivers both in parallel helps minimize business interruption and get organizations back online more quickly.

Building threat hunting skills within your team can help prevent burnout, up-level skills and give your team a broader understanding of your security environment.

Open-source software is used in a wide variety of projects, including the recent Mars helicopter, Ingenuity! In this blog, we take a look at the open-source network security solution, pfSense, and the many ways it can be used.

In July 2019 we posted our inaugural blog and introduced our idea of how a Technical Advisor could help companies better manage the incident response process. Two years (and hundreds of incidents) later, we've learned many lessons that help our clients recover quickly and effectively.

Four questions to ask if you're considering adding an upgrade to an in-progress recovery effort.

Changes in the cyber insurance industry are driving a change in how organizations are investing in security.

MOXFIVE’s “Break Glass” Strategy to Recovering from a Ransomware Attack Ransomware events can be the worst experience for any person