Developer Roll Up: November 2023

As we come towards the end of 2023 we can’t help but reflect on what an amazing year it has been. We have grown our team, won the trust of some amazing customers, and introduced the world to the SecOps Cloud Platform.

We wish all of you the very best and hope that 2024 is a year filled with prosperity and kindness.

Upcoming Events

Integrating LOL Binaries with LimaCharlie When: December 13, 2023 @ 10:00am PT

We have an upcoming episode of our Loud & Clear webinar and training series. These events are directed at helping folks understand how to utilize some of the key features and capabilities of the LimaCharlie platform. In our December 2023 episode, we’ll look how ways to integrate Living-Off-the-Land, or “LOL”, data in LimaCharlie. LOL binaries are native applications that adversaries like to hide behind, hoping their activity will blend in with other system noise. We will examine some of the top LOL uses across Windows, Linux, and Mac, as well as how to detect this activity in LimaCharlie.

Register for the webinar, live on December 13, 2023. Also, come join us in the LimaCharlie community Slack to join the discussion and get real-time feedback from the LimaCharlie team. We hope to see you there!

Cybersecurity Cares Telethon When: December 15, 2023 @ 6:00am - 6:00pm PT

Each year, the team at LimaCharlie works to rally the cybersecurity community to raise funds for people in need through an initiative called Cybersecurity Cares. This year, we are helping in the fight to end domestic violence by driving donations to Becky’s Fund. So far this year we have raised USD $13,680 and with your help, we can do much more. To wrap up our fundraising efforts, on December 15th, we will be hosting an all-day, live-stream telethon, and we would love for you to join us. The telethon will be aired on LinkedIn and YouTube. You can sign up here to get notified.

Defender Fridays When: Every Friday @ 10:30am PT

Join us every Friday as we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands. December 8: Lennart Koopman on detecting DNS exfiltration

Sign up now.

MSSN CTRL session recordings are now available

We are happy to share that the recordings from MSSN CTRL are now available for viewing at your leisure: https://limacharlie.io/events/mssn-ctrl-2023

Thank you again to all of our speakers and to everyone who was able to attend. We're looking forward to making the event even better next year - stay tuned for updates.

Product Updates

Announcing new Microsoft/Office 365 Ruleset

We are excited to announce the addition of a new extension - a managed set of Detection & Response rules for Office 365 developed by Soteria. The ruleset is designed for in-depth analysis of the Office 365 ecosystem which includes:

• Microsoft Teams

• Word

• Excel

• PowerPoint

• Outlook

• OneDrive

• ...and other productivity applications.

To get started, subscribe your tenant to the extension: https://app.limacharlie.io/add-ons/extension-detail/soteria-rules-o365

New Twilio Extension

In this release, we are launching a Twilio extension that can trigger alerts based on Detection & Response rules.

To get started with Twilio extension, visit https://app.limacharlie.io/add-ons/extension-detail/ext-twilio

Sensor v4.28.4

This update includes:

• enhanced network connectivity, resolves some issues with connections to the cloud dropping in certain situations

• more detailed log (hcp.log) of some network connectivity issueThis update is not an update to the cloud-managed version of the LimaCharlie EDR. It is an installer-only update for the binary on disk. It is only available through the downloads.limacharlie.io downloads.

We recommend using this version for all future deployments and for currently problematic installs.