Metric Driven Development

Metric Driven Development

Abstract Developing software that changes the world, exceeds customer expectations, provides turn-key functionality in diverse scenarios while meeting security and compliance requirements is the holy grail of Security Development Operations (SECDEVOPS). There are...
Breaking NBAD & UEBA Talk

Breaking NBAD & UEBA Talk

Recording of Presentation Downloads My deck on Breaking NBAD & UEBA Talk given at DEFCON & GRRCON (2019) can be downloaded here: download link. The script referenced in the talk can be viewed on the Pastebin dump. Abstract Network Behavior Anomaly Detection...
Hypnosis of your Tech

Hypnosis of your Tech

We started WitFoo because we were moved by the pain we were seeing on the faces of our customers in previous endeavors. We knew that there had to be fundamental changes to how security software supported the craft. We decided we would study, listen and follow the...
GA ISSA Talk: People > Machines

GA ISSA Talk: People > Machines

I am looking forward to speaking at the Georgia Annual ISSA Meeting on 11/15. The blog series that the talk is based on is below. Part One: History Part Two: Algorithms & Machine Learning Part Three: Cognition vs AI Part Four: Playbook Automation Part Five: Humans...