XDR + SOAR + Big Data Analytics

Combining the time-tested approaches from physical law enforcement with modern advances in natural language processing (NLP), machine learning (ML), graph theory and data science, WitFoo Precinct automates the analysis and response of incident responders.

Incident Responder

NLP Message Comprehension

Using advances in natural language processing (NLP), all messages received by Precinct are automatically comprehended, parsed, analyzed, and stored in the big-data cluster.

Graph Incidents by Modus Operandi

Every user, file, email, service, computer and relationship observed by WitFoo Solutions is analyzed and stitched into units of work based on the modus operandi of the adversary.

Playbooks & SOAR

Object-oriented, responsive playbooks guide even junior responders through comprehensive investigations. Integrations with all security tools allow rapid and effective response to emerging threats.

Advanced Threat Intelligence

WitFoo solutions are connected by the WitFoo CyberGrid to rapidly share anonymous threat intelligence from all participating clusters. Bulletins posted by Threat Research Partners and Law Enforcement agencies are utilized along with STIX/TAXII feeds to rapidly share emerging threats across the ecosystem.


The software can be deployed in public or private clouds or on internal hypervisors (VMware and Hyper-V), and can be hosted and managed by WitFoo Service Partners.

Product Overview

WitFoo Precinct receives, comprehends, analyzes and stores all messages and signals to deliver a zero-triage interface for hunting, detecting and responding to advanced threats with confidence.