Metric Driven Development

Abstract Developing software that changes the world, exceeds customer expectations, provides turn-key functionality in diverse scenarios while meeting security and compliance requirements is the holy grail of Security Development Operations (SECDEVOPS). There are...

Breaking NBAD & UEBA Talk

Recording of Presentation Downloads My deck on Breaking NBAD & UEBA Talk given at DEFCON & GRRCON (2019) can be downloaded here: download link. The script referenced in the talk can be viewed on the Pastebin dump. Abstract Network Behavior Anomaly Detection...

What’s coming in Precinct 6.0 (Benson)

In the coming weeks, beta testers will begin receiving a sneak peak of Precinct 6.0 (code name: Olivia Benson.) There a number of exciting leaps in our most advanced build. Cassandra - Infinite Storage & Replication A major shift in 6.0 is in the backend database....

Making Thankful Customers

I have so many things to be thankful for this year including my family, our investors, customers, partners, contributors, advisers and employees but after spending a few weeks on the road meeting with awesome customers and prospects, I wanted to take a moment on this...

Math for Calculating Tool ROI

We are often asked how we are able to calculate metrics as described here: And demonstrated/explained here: In this installment I will explain how you can calculate Return on Investment of any security tool using reclaimed FTE labor hours as the purchase...

Winds of Change

We had our quarterly company-wide meeting this week in Monterey, California.  All of us work remotely at WitFoo so these quarterly meetings are a great way for us to reconnect with and meet new members of the team.  This meeting was both rewarding and breathtaking –...

read more

The Training Trade Off

The Problem – Time, Money, and Travel In today’s world of network defense most defenders don’t take the time to train and keep their skills fresh.  They worry about missing a day of work and what will happen when they are gone.  I’m sure most of you reading this...

read more

A Day in the Life of a Software Engineer

  I often get questions when I am out and out about what it is that I do.  Most people have a baseline idea of what a developer is – but almost no one knows what a developer actually does when we’re “at work”.  The common thread seems to be that we make a lot money...

read more

The Importance of having an Investigative Mindset

RELEVANCE BETWEEN TWO CRAFTS Detective work requires the correct mind-set, which is proactive and forward looking. Because of this, detectives are unique within a craft that is primarily reactive in nature; crime occurs, cops arrive.  When a suspect commits a murder,...

read more

Cross-Domain Insights

Learning from other Crafts WitFoo is founded on researching other crafts to improve information security. In the session below, approaches from Naval Aviation, Aviation Maintenance and Law Enforcement models are discussed.

read more

Two Weeks Until Launch

This time last year we had not yet said the word "WitFoo" for the first time. Over the span of several months, 15 volunteers banded together to start looking for ways to mature the craft of incident response. The diverse group of volunteers came from industries...

read more