The Rock & Roll of Startup Development

Rock On For the last 4-5 years of running with the WitFoo revolution, I have constantly had to defend our small team. In the early days, potential investors would remark, “You can’t get all this done with such a small team.” Now that we have accomplished building the...

ExploitCON West 2020 Slides – Metric Driven SECDEVOPS

Slides of our talk can be downloaded here. Details on the session are available here: https://exploitcon.com/#/west AGENDA Developing software that changes the world, exceeds customer expectations, provides turn-key functionality in diverse scenarios while meeting...

WitFoo Global Community Indicator of Compromise (IOC) Feed Demo

WitFoo’s Global Indicator of Compromise feed is a secure and reliable way for the WitFoo community to share intelligence about emerging threat sources. The feed is updated in near-real time as attacks occur across the WitFoo Community. It consists of the IP address...

Secure360 2020 Slides – Metric Driven SECDEVOPS

Session materials from Secure360 2020 session on Metric Driven SECDEVOPS by Charles Herring and Ryan Self.

An Ounce of Prevention is Worth a Pound of SOAR

To the Surgeon Later today I am headed to see my surgeon to schedule a proceedure. I need to have a surgery that is going to leave me off my feet for a week or more. My family will have to pick up the slack at home and my co-workers will have to take on my share of...

People > Machines (Part Two)

Algorithms & Machine Learning Demystified When I was learning how to troubleshoot and repair electronics in the Navy, I would sometimes challenge one of the instructors on how something worked. If I delved into a complicated subject I was often told it worked on...

read more

People > Machines (Part one)

Rise of the Machines Cybersecurity Incident Response has only been a part of human history for a couple of decades. Over the short course of time, industry leaders, analysts and vendors have put a heavy focus on the importance of technology solving problems within the...

read more

Defending the Defunded

There is a cyber poverty mark that plagues the Cyber Security Industry. The global 2000 and the federal government have budgets that allow them to build strong defenses, hire large teams, and perform full and complete investigations. In this talk, we discuss what can...

read more

Learning Foo

Learning Wit Fail fast.  It’s one of the Agile buzz phrases that gets thrown around a lot in software product organizations these days.  Particularly, organizations trying to embrace the Lean/Agile approach to production.  The term ‘fail fast’ is grounded in the Lean...

read more

Winds of Change

We had our quarterly company-wide meeting this week in Monterey, California.  All of us work remotely at WitFoo so these quarterly meetings are a great way for us to reconnect with and meet new members of the team.  This meeting was both rewarding and breathtaking –...

read more

The Training Trade Off

The Problem – Time, Money, and Travel In today’s world of network defense most defenders don’t take the time to train and keep their skills fresh.  They worry about missing a day of work and what will happen when they are gone.  I’m sure most of you reading this...

read more

A Day in the Life of a Software Engineer

  I often get questions when I am out and out about what it is that I do.  Most people have a baseline idea of what a developer is – but almost no one knows what a developer actually does when we’re “at work”.  The common thread seems to be that we make a lot money...

read more