How This Briefing Works
This report opens with key findings, then maps the gaps between what Moxiegtm discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.
Key Findings
Analysis pending. Findings will appear here once intelligence collection is complete.
Claims vs. Observed Behavior
Pending Analysis
“Claims extraction pending”
CDT analysis critical — deanon vendors core function is identity resolution (BTI-C14)
What This Means For You
What To Do About It
Role-specific actions based on observed behavior
If You Use Moxiegtm
- →do not deploy without full behavioral audit
- →review consent mechanisms for identity resolution
If You're Evaluating Moxiegtm
- →critical-priority recon investigation — deanon vendors require immediate behavioral analysis
Negotiation Leverage
- →Baseline detection only — behavioral analysis is critical for deanon vendors
- →Identity resolution vendors operate at the intersection of privacy law and surveillance
- →Require complete data flow documentation including identity graph sources and retention policies
Runtime Detections
BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.
Keystroke/mouse tracking
Full session replay
Identity stitching
Ignoring CMP signals
PII deanonymization
IOC Manifest
Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.
Ecosystem & Supply Chain
Evidence Artifacts
Artifacts collected during analysis, available with evidence-tier access.
Complete network capture with all requests and responses
28 detection signatures across scripts, domains, cookies, and network endpoints