An Ounce of Prevention is Worth a Pound of SOAR

To the Surgeon Later today I am headed to see my surgeon to schedule a proceedure. I need to have a surgery that is going to leave me off my feet for a week or more. My family will have to pick up the slack at home and my co-workers will have to take on my share of...

2020 Conference & Security Meeting Talks

Last year, I spoke at 26 security meetings and conferences. I learn the most when I'm in the field with my heroes. If you have a local meeting or conference that would benefit from any of these topics, let us know and I'll do my best to show up.   Bio CHARLES...

Metric Driven Development

Abstract Developing software that changes the world, exceeds customer expectations, provides turn-key functionality in diverse scenarios while meeting security and compliance requirements is the holy grail of Security Development Operations (SECDEVOPS). There are...

Breaking NBAD & UEBA Talk

Recording of Presentation Downloads My deck on Breaking NBAD & UEBA Talk given at DEFCON & GRRCON (2019) can be downloaded here: download link. The script referenced in the talk can be viewed on the Pastebin dump. Abstract Network Behavior Anomaly Detection...

What’s coming in Precinct 6.0 (Benson)

In the coming weeks, beta testers will begin receiving a sneak peak of Precinct 6.0 (code name: Olivia Benson.) There a number of exciting leaps in our most advanced build. Cassandra - Infinite Storage & Replication A major shift in 6.0 is in the backend database....

An Ounce of Prevention is Worth a Pound of SOAR

To the Surgeon Later today I am headed to see my surgeon to schedule a proceedure. I need to have a surgery that is going to leave me off my feet for a week or more. My family will have to pick up the slack at home and my co-workers will have to take on my share of...

read more

2020 Conference & Security Meeting Talks

Last year, I spoke at 26 security meetings and conferences. I learn the most when I'm in the field with my heroes. If you have a local meeting or conference that would benefit from any of these topics, let us know and I'll do my best to show up.   Bio CHARLES...

read more

Metric Driven Development

Abstract Developing software that changes the world, exceeds customer expectations, provides turn-key functionality in diverse scenarios while meeting security and compliance requirements is the holy grail of Security Development Operations (SECDEVOPS). There are...

read more

Breaking NBAD & UEBA Talk

Recording of Presentation Downloads My deck on Breaking NBAD & UEBA Talk given at DEFCON & GRRCON (2019) can be downloaded here: download link. The script referenced in the talk can be viewed on the Pastebin dump. Abstract Network Behavior Anomaly Detection...

read more

What’s coming in Precinct 6.0 (Benson)

In the coming weeks, beta testers will begin receiving a sneak peak of Precinct 6.0 (code name: Olivia Benson.) There a number of exciting leaps in our most advanced build. Cassandra - Infinite Storage & Replication A major shift in 6.0 is in the backend database....

read more

Making Thankful Customers

I have so many things to be thankful for this year including my family, our investors, customers, partners, contributors, advisers and employees but after spending a few weeks on the road meeting with awesome customers and prospects, I wanted to take a moment on this...

read more

Math for Calculating Tool ROI

We are often asked how we are able to calculate metrics as described here: And demonstrated/explained here: In this installment I will explain how you can calculate Return on Investment of any security tool using reclaimed FTE labor hours as the purchase...

read more

Building a DevSpecOps Team

As I have had opportunity to demonstrate our product to cybersecurity veterans I am often asked “How did your very small team do this when larger, well-funded teams cannot?” It is true, the WitFoo development team has never been larger than 5 active members at any...

read more

Innovative Path to Funding

WitFoo was founded by veterans of the US Military, law enforcement and cybersecurity in February 2016 to research, enhance and equip the craft of cybersecurity operations. Over the last two years, we have raised more than $1M in capital from almost 100 individual...

read more

Hypnosis of your Tech

We started WitFoo because we were moved by the pain we were seeing on the faces of our customers in previous endeavors. We knew that there had to be fundamental changes to how security software supported the craft. We decided we would study, listen and follow the...

read more