A big focus on SecDevOps and securing CI/CD pipelines through the ingestion of Github audit logs. Performance improvements for sensors with heavy process & network activity.

Cybersecurity sales culture tends towards secrecy, lock-in, and unverifiable promises—the precise opposite of what companies need from vendors today.

Kimber Dowsett talks to LimaCharlie about infosec, DFIR, the Mock Interview and Resume Revue (MIRR), job title, and much more. Having worked at Apple and NASA Kimber has taken an interesting path to her position as a Director at Krebs Stamos Group.

Endpoints as well as applications such as AWS, Google Cloud, Office 365, 1Password, Slack, and thousands of others produce vast amounts of data. Reduce your security tooling spend by using to LimaCharlie to route data at the event level.

A Cybersecurity Infrastructure Grant program to support innovative security practitioners in building the future of the industry. Get a $1000 credit applicable towards using the LimaCharlie platform to develop any project they want.

LimaCharlie raises 5.45 million, add support for Github audit logs, eBPF update, user experiences enhancements, Single Sign On (SSO) now available, output flags for storage optimization, an upcoming webinar focused around SecDevOps, and more!

At LimaCharlie we are not like other vendors. We are 100% a technology company and do not compete with the people and companies we provide tools and infrastructure for. We are vendor-neutral providers of tools and infrastructure for security professionals.

Spring is in the air! Sigma rule support update, new IoC search, real-time detections in the web app, a new Duo sensor utilizing the LimaCharlie Adapter technology and IaC templates. Also an upcoming webinar on how to save money on security tooling.

COVID-19 has accelerated the move towards a distributed workforce. A new approach to cloud-based cybersecurity tools and infrastructure can be used to lower Splunk costs, provide secure private networking and keep remote teams safe.

An interview with Simon Eklund who leads DFIR at Cparta Cyber Defense: A cybersecurity firm working to protect Swedish commercial interests. We talk about IT operations, IT Integrators, SOC, IR retainers, ransomware and more!

LimaCharlie is growing the team and has launched three new sensors: Microsoft Defender, Windows Event Log monitoring, Google Cloud BigQuery, and more.

Intel Owl is an open source project that provides enrichment of threat intel for malware as well as observables (IP, Domain, URL and hash).

Today we are happy to announce an integration with SOC Prime that will allow us to deliver cutting-edge Sigma threat detection logic directly to your LimaCharlie deployment.

LimaCharlie sponsors The Ultimate Nginx Bad Bot blocker and Phishing data base.

Introducing the new LimaCharlie website. So long Squarespace, hello React + Contentful.

Changed the source of our Sigma CI/CD pipeline. Added sensors for Text/Syslog, JSON logs, Amazon AWS CloudTrail Logs, Google Cloud Platform Logs, 1Password audit event logs, and VMWare Carbon Black EDR sensors. eBPF and Office 365 support.

Along with an advanced EDR, log aggregation, automations engine, software-defined networking, artifact ingestion, and an operational console for security teams, LimaCharlie now offers the ability to bring in external logs and telemetry from any source

January Developer Updates: a webinar with one of our oldest and most valued customers: Soteria - Security Solutions & Advisory, Advanced Search feature update, Tailored Outputs feature update

In order to make the lives of DFIR professionals easier, LimaCharlie has integrated the Velociraptor open source endpoint visibility tool. Velociraptor provides the ability to effectively investigate a wide range of digital forensic use cases.

My name is Mike Behrmann. I am the Director of Digital Forensics and Incident Response at Antigen Security. We are a DFIR-led consulting firm that specializes in incident response, recovery engineering, managed detection & response (MDR) and training.

We are squeaking this one in under the wire as we say goodbye to the second full year in this long pandemic. It has been a busy year with lots of new features and improvements.

LimaCharlie provides everything you need to run modern cybersecurity operations, and it is also a great tool for builders. Our powerful web application is built using the publicly accessible API. There are no magic functions and we put the full power

Atomic Red Team is a library of automated tests mapped to the MITRE ATT&CK framework which allows security teams to quickly, portably and reproducibly test their environments. It simulates 238 of the different attack technique

Another busy month for the team at LimaCharlie. Some of the highlights include the introduction of a new sensor type and our SOC 2 Type 2 certification.

*Ross Haleliuk, LimaCharlie's new Director of Product, overviews the evolution of Cybersecurity, Infastructure As A Service and highlights LimaCharlie's four fundamental responses to the current priorities of cybersecurity professionals

LimaCharlie has successfully completed its Service Organization and Control (SOC 2) audit conducted by the Johanson Group, a leading professional service firm that focuses on SOC 2 & 3 examinations for public and private companies.

On this monthly developer update: We've deployed enhanced rule validation for D&R rules and improved our Web Application Onboarding & ‘Add Sensor’ Flow

An interview with customer Stefan Waldvogel, an SIEM Engineer for Graylog. Stefan has had a very interesting journey on his way to becoming a cybersecurity professional and we asked him to share his story and how LimaCharlie was a part of it.

Monthly update blog, september, Atomic Red Team is a library of tests mapped to the MITRE ATT&CK framework

cybersecurity tools and supporting infrastructure billed based solely on usage in a scalable way

Replay is the ability to run detection logic over historical data. Modifications made for more accessibility. continuous integration / continuous development approach (CI/CD). unit tests.

Monthly update from LimaCharlie: Replaying and Testing D&R Rules in the Web App, Artifact Ingestion IP, Infrastructure as Code Improvements, MacOS sensor updates

Monthly developer update: LimaCharlie is Hiring!, Net Telemetry Improvement, New Course on edu.limacharlie.io, New D&R Rule Operator: Scope

LimaCharlie's response to antivirus integrations: Windows Defender.

LimaCharlie Net is a zero trust networking solution based on the identity of the device which is transparent to the user. The technical term for this technology as it is delivered is a Secure Access Service Edge (SASE).

Leverage our infrastructure as code (IaC) approach to quickly create new tenants with complex configurations.

Monthly Developer blog for June 2021: updates on usage-based billing, VirusTotal API and new additions to Add-Ons Marketplace

Advantage for Managed Security Service Providers (MSSPs) and Managed Detection and Response (MDR) providers: pure usage-based billing model for our Endpoint Detection & Response (EDR) capability.

LimaCharlie contribution to the fight against ransomeware attacks

Customer Interview with Jonathan Haas, Lead Security Operations at Carta.

Monthly Developer Updates: updates to app.LimaCarlie.io interface, Artifact Ingestion system extended to Apple Binary (and XML etc) PLISTs., Sensor updates

Monthly Development Update: new content to our YouTube channel and e-learning platform, webapp timeline, Sensor, Sigma and event log updates

How to execute Payloads using the LimaCharlie Agent

Monthly Developer Update: Custom Branding Improvements, Windows Event Log Updates, Sensor v4.24.0

Developer roll up: capture PCAPS and process with Zeek. Major web UI update D&R rule changes. Python SDK/CLI v3.18.0.

LimaCharlie Lead Frontend Engineer, Rowan Weismiller, loom video on all the updates to the web application user interface.

Installation keys and EDR sensor downloads now in a new section called Install Sensors. Incident response moved from sidebar to sensors section. Menu added respond, develop and setup sections.

Maxime is an accomplished computer scientist and information security specialist. Maxime was a founding member of Google X’s Chronicle Security. He left in 2018 to found LimaCharlie.

Native support for macOS arm64 (aka Apple Silicon, aka M1). Windows sensor and a Chrome sensor on the same box.

An interview with Soteria’s senior detection and response engineer, focusing on building out our Managed Detection and Response (MDR) and Incident Response capabilities.

Seed funding from Lytical Ventures. Revamp support for macOS 11 (Big Sur). A new version of the Python SDK / CLI tool.

An interview with Francis Mireault who has joined the ranks as our principal backend engineer working with GCP and Golang to deliver the next generation of security infrastructure.

The LimaCharlie sensor is fully interactive and can monitor over 70 different event types. The agent is written in C and then compiled for each different platform and architecture it runs on.

Fixes an issue where Yara scanning. Installer has also been updated for Windows. Hardened LC protocol with the sensor talking to the cloud. Fixed issue where proxies would reply with an HTTP 1.1 OK even to HTTP 1.0 requests.

An interview with Rowan Weismiller who has joined the ranks to lead frontend development.

The story behind the name LimaCharlie as told by Maxime Lamothe-Brassard.

Attackers went to some length to avoid detection and were removing agents for a Wazuh IDS. How to sneak by EDR solutions and the common path is to silence the ETW and stick to .net assemblies for execution.

LimaCharlie is happy to announce the addition of Amrik Randhawa to the leadership team as the Director of Product. Amrik has a long history of working in the SaaS space and has earned his stripes as an entrepreneur.

Two new services: PagerDuty & Twillio. New service dumping the MFT on Windows. Artifact collection parsing for MFTCSV and CSV types.