Build IDs: 6-2-rc2-30, master-2022


WitFoo Incident Responder 
Enhancements in Precinct 6.2 allow Incident Responders to quickly comprehend and respond to ongoing threats and coordinate with law enforcement when appropriate.  
WitFoo Incident Responder Workflows

WitFoo Assessor  
Assessor workflows transform machine data into reports on compliance, readiness and business effectiveness to enable architects, auditors, insurers, solution developers and executives to do their part to secure the world together. 
WitFoo Assessor Workflows 

WitFoo Threat Researcher  
Precinct 6.2 introduces new features that allow incident responders to coordinate evidence with Threat Researchers across law enforcement and national security to thwart cybercrime and make the world secure together. 
WitFoo Threat Researcher Workflows 


  • MeasureRisk Cyber Hygiene Score shown on dashboard
  • SaaS: Allow Dispatch Jobs to run on on-prem Streamer Node
  • Support for WitFoo Precinct Cloud 2.0


  • CyberArk Integration


  • Improve RAM recovery
  • Faster processing/throughput at lower CPU cost
  • Configuration option for Investigative Engine (IE) processing threads
  • Up-to-date reporting on message processing for observed tools, sending hosts and streamnames


  •  Job and update sync can crash in certain circumstances (offline-library)
  • Clicking Assets view results in logout
  • IG filter count does not match the count of incidents displayed
  • Getting kicked out of UI
  • Cases not retaining status when closed
  • Closing an incident doesn’t POST correct status_id (does use correct status_name)

NOTE: How to take control of when your deployment of Precinct upgrades.

NOTE: Clear Chrome cache using the instructions linked here.

RSS Feed for release notes is:

Email notifications for WitFoo Release Notes can be subscribed to here: