Blog
Field notes from our practitioners
Practical insights on cybersecurity, managed IT, and compliance — written by the engineers and analysts doing the work.
Latest posts
From the blog
Threat Intel·May 12, 2026
What CMMC 2.0 Level 2 actually requires of your MSP
A practical walkthrough of the controls and evidence MSPs need to deliver for DIB clients pursuing CMMC 2.0 Level 2.
Read article →Cloud·April 28, 2026
Designing a Zero Trust landing zone in regulated AWS GovCloud
Reference architecture and identity boundaries for ZT in GovCloud.
Read article →Risk·April 4, 2026
Tabletop exercises that survive contact with a real incident
How we structure exercises that produce muscle memory, not slides.
Read article →Identity·March 19, 2026
The phishing-resistant MFA migration playbook we actually use
A pragmatic playbook for moving an org off SMS and push-MFA.
Read article →Detection·February 27, 2026
Coverage gaps in your SIEM you almost certainly have right now
The detection categories most teams under-instrument and how to close them.
Read article →Compliance·February 9, 2026
SOC 2 fatigue is real. Here's how to operationalize controls instead.
Turning audit prep into a steady-state controls program.
Read article →