Latest News: MOXFIVE Named one of Inc. Magazine's Best Workplaces for 2022

WELCOME TO MOXFIVE

Solving complex problems is in our DNA.

At MOXFIVE, solving problems is who we are and what we do. Our Technical Advisors operate at the intersection of IT and cybersecurity, helping organizations of all types solve their most challenging technology-related problems. Day in, day out.

The expertise you need to tackle today’s cyber threats.

As business operations become more entwined with data and technology, the business impact of a disruption to IT operations has increased dramatically. At MOXFIVE, our mission is to minimize the business impact of cyber attacks and be the “go to” technical resource for our clients, whether before, during or after an incident. Our Technical Advisors help our clients shore up the basics of sound IT infrastructure and security practices to proactively protect against today’s threats, as well as help navigate the response process should something happen.

HOW WE CAN HELP

Our mission is to minimize the business impact of cyber attacks. 

Incident Management

MOXFIVE provides the clarity and peace of mind needed for attack victims during the incident response process. Our platform approach enables victims of attacks to work with a Technical Advisor who provides the expertise and guidance needed in a time of crisis, and facilitates the delivery of all technical needs required, consistently and efficiently.

Business Resilience

With experience on the front lines responding to incidents daily, MOXFIVE Technical Advisors have the unique ability to connect the dots between business, information technology, and security objectives to help you quickly identify the gaps and build a more resilient environment.

Expert Technical Advisors. Better business outcomes.

At MOXFIVE, we pride ourselves on providing organizations a tailored approach based on their needs. By combining our technical lens with the business lens, we are able to provide value unlike others. We understand that IT and cybersecurity are critical to business operations, and that decisions need to be made with their impact on the business in mind.

Predictability

It’s our job to eliminate surprises – so we communicate often and clearly to keep projects running smoothly. Transparency is key to what we do.

Experts at Scale

MOXFIVE leverages an ecosystem of the industry’s best technology experts and service providers so that we can quickly assemble and deploy the right team with the right skills.

IT & Security Expertise

With a deep understanding of both IT operations and security technologies, MOXFIVE can quickly assess the situation and determine the most efficient and cost-effective response strategy or solution for the problem at hand.

Resilient Outcomes

With firsthand experience of attack trends and threat actor behavior, MOXFIVE provides advisory and implementation services to address the business process and technology requirements needed to build and maintain a resilient environment.

2900+

incident response events managed by MOXFIVE Technical Advisors

40%+

average reduction in days to recover using our First 48 Hours playbook

> $300m

saved for cyber attack victims in 2021

RECENT BLOG POSTS

Logging to Enable Forensics

Logs are critical sources for forensics investigations. This blog looks at various log sources and the key takeaways to consider when building the retention strategy that's best for your organization.

Incident Managers: Bringing Order to Chaos

Our MOXFIVE Incident Managers are critical to every project we manage at MOXFIVE. Learn more about their role and how they enable everyone in the process to focus on what they do best.

Minimizing the Impact: Securing Active Directory

Gaining access to Active Directory is often a goal of threat actors during an intrusion. In this blog, we look at two key workstreams that add security layers making it more difficult for threat actors to achieve this goal.

The Continued Risk of Log4j

The worst of the Log4j fire drill might be behind us (for now), but the opportunity for new exploits still remains. Learn how a Software Bill of Materials (SBOM) and other best practices can help reduce future impacts and improve your overall security posture.

Improving Cybersecurity Resilience: Starting the Journey, Part 2

In Part 2 of our Improving Cybersecurity Resilience blogs, we cover five additional capabilities that round out the list of security basics that we believe all organizations should implement.

Minimizing the Impact: Multifactor Authentication

Credentials being stolen, reused, or even guessed often leads to an intrusion, or turns what could have been a small incident into an enterprise-wide issue. Multifactor Authentication (MFA) is a critical layer of protection to help minimize this risk.

Improving Cybersecurity Resilience: Starting the Journey, Part 1

MOXFIVE recommends these six capabilities as a starting point for improving resilience due to their outsize contribution to reducing risk and mitigating damage.

Regulations + Insurance: Shifting the Tide

Regulations abound and new ones are added all the time, but breaches still happen. Why? Because compliance frameworks are flawed and do not get into the technical weeds on effective implementation. There is an opportunity for the insurance industry to help drive things forward, especially for SMBs.

Minimizing the Impact: Local Administrator Password Solution

Enabling Local Administrator Password Solution (LAPS) can help greatly reduce the blast radius of a cyber-attack and is a quick and simple process for most environments.

Minimizing the Impact: How Cloud-Based Services Could Reduce the Stress of Recovery

Cloud-based services can not only lift the burden of day-to-day IT and security tasks but also provide a significant benefit when dealing with a ransomware attack.

Incident Management Chronicles: Striking The Right Balance

Finding the right balance between containment, recovery and forensics workstreams is the key to faster and more effective incident response.

Incident Management Chronicles: Recovery vs Forensics

The lines between forensics and recovery can easily blur during incident response. Using an approach that delivers both in parallel helps minimize business interruption and get organizations back online more quickly.

How to Mature Threat Hunting Programs

Building threat hunting skills within your team can help prevent burnout, up-level skills and give your team a broader understanding of your security environment.

Incident Management as a Platform: Scaling Incident Response

Learn how MOXFIVE's platform-based approach to incident management drives increased efficacy and quicker resolution of complex challenges while also reducing costs and making life easier for all parties involved.

Ransomware Payment Bans are Bad Policy

This year’s Colonial Pipeline breach turned a spotlight on the debate over whether or not cyber ransoms should be paid by victims of these attacks. This blog examines why we think payment bans are bad policy.

Open-source Security Spotlight: pfSense

Open-source software is used in a wide variety of projects, including the recent Mars helicopter, Ingenuity! In this blog, we take a look at the open-source network security solution, pfSense, and the many ways it can be used.

Visibility in Incident Response: Don’t Chase Ghosts in Your IT Estate

To effectively respond to a cybersecurity incident, having complete visibility into all assets (endpoint devices, applications, user accounts) across your IT estate is a critical success factor for recovering quickly and minimizing business disruption.

Dispatch from the Front Line

In July 2019 we posted our inaugural blog and introduced our idea of how a Technical Advisor could help companies better manage the incident response process. Two years (and hundreds of incidents) later, we've learned many lessons that help our clients recover quickly and effectively.

Tabletops Improve Incident Response

Tabletops can help improve organizational awareness and streamline Incident Response efforts. Learn how they can help mature your security posture and develop your teams' skills.

Maximizing Red/Blue Team Effectiveness

Fusing the efforts of your red and blue teams by implementing a purple team approach enables analysts to cross-train, collaborate, and respond more effectively during an incident.

Recover, Then Upgrade - One Problem at a Time

Four questions to ask if you're considering adding an upgrade to an in-progress recovery effort.

Common Misconceptions of Business Recovery

Recovering from a cyber incident is a complicated and challenging process. Read our top 6 factors that can help determine whether the recovery process runs smoothly... or not.

When it Comes to Cybersecurity, Money Talks

Changes in the cyber insurance industry are driving a change in how organizations are investing in security.

In Times of Crisis: Focus, Plan, Ask for Help

Every pilot learns the mantra "Aviate. Navigate. Communicate." during their initial flight training. It is easy to remember in a crisis and helps remind the pilot of the order of priorities required to execute an optimal recovery.

Ransomware is a Mere Symptom, Extortion-Based Crime is the Disease

Has the rise of ransomware distracted us away from the true issue at hand? Encrypted files, corrupted applications, deleted backups, and ...

Assessing Risk in the Wake of SolarWinds Attack

Over the last couple of weeks, we have all watched the details surrounding the SolarWinds attack unfold. The full scope of the attack wil...

Targeted Containment — Less is More

Prioritize efforts, consolidate focus, succeed.

Ransomware Recovery Tales: Prepare for Battle

Does your organization have everything it needs to be prepared for a ransomware incident?

Ransomware Recovery Tales: The Battle of Netwalker

Threat actors can deploy ransomware without the need to build or manage underlying infrastructure.

Assessing Risk: The “How” is Just as Important as the “What”

See how we assess an organization’s security risk and ability to prevent ransomware attacks.

Backups: Ahh! To Zzz 😴

Sleep Soundly with Good Backups!

Ransomware Recovery Tales: Protect the Kingdom

For every ransomware incident MOXFIVE has assisted with, the primary concern during recovery has been the health of the core infrastructure

The Key to Successful Business Recovery

MOXFIVE’s “Break Glass” Strategy to Recovering from a Ransomware Attack Ransomware events can be the worst experience for any person

Think Before you “Brick”

Over the last year, insurance carriers have looked for innovative ways to expand coverage. One such area is coverage around “bricking”. A...

Incident Response: Endpoint Agent All the Things?

Understanding the role of Endpoint Technology in Incident Response

The Next Phase in Cyber Insurance

Cyber claims have departed from lost laptops and basic malware claims and the industry is now realizing that it's less prepared to deal with

MOXFIVE, CrowdStrike, and Baker Tilly outline three use cases where our intelligence-led process helped clients recover with speed and precision.

Let’s Talk.

Whether you need immediate help responding to an incident or are just trying to better prepare for one, we can help. Complete the form below and it will go directly to our Technical Advisory team.