Security Orchestration and Response (SOAR)

The WitFoo SOAR engine combines a codeless interface, Amazon States Language and the OpenAPI specification to deliver a powerful out of the box experience for most organizations and highly flexible engine for advanced teams.


OpenAPI Support

Import integration support for solutions that support the OpenAPI (Swagger) specification.

Collect, Respond and Inventory

WitFoo licensing includes creation and maintenance of all integrations for data collection, response actions and asset inventory.

Responsive Playbooks

Playbook tasks adapt to data and user inputs to quickly respond to situational changes and attack progressions, making even the novice incident responder effective.

Federated Coordination

Playbooks and workflows can be shared across global organizations, between managed service providers, insurers, and law enforcement where appropriate.


The software can be deployed in public or private clouds, internal hypervisors (VMWare and Hyper-V) and can be hosted and managed by WitFoo Service Partners.

Product Overview

WitFoo Precinct receives, comprehends, analyzes, and stores all messages and signals to deliver a zero-triage interface for hunting, detecting, and responding to advanced threats with confidence.