May 3, 2023
|
By Christopher Luft
We hope you're all doing well and staying secure. The team at LimaCharlie has been hard at work developing cybersecurity solutions that are accessible and effective, and we're excited to share some recent updates with you. Last week, we had the opportunity to attend both BSides San Francisco and RSA, where we were able to connect with other cybersecurity professionals and showcase some of our latest developments.
Apr 24, 2023
|
By Matt Bromiley
Here at LimaCharlie, we believe in utilizing as much telemetry as possible to gain insight into suspicious activity within your environment. Our platform allows for you to create or import detection rules, like Sigma or SnapAttack, quickly, so your team can get up and running. Wider visibility means higher fidelity detections. However, what if we could utilize a simple, yet effective, tool to provide an earlier warning of potential attacks? This is where Canarytokens come in.
Apr 18, 2023
|
By Christopher Luft
Like all cybersecurity providers, Blumira has had to respond to the rise of remote and hybrid work models. But given Blumira’s focus on SMBs and mid-market companies, they found many businesses in their target market priced out of mature endpoint monitoring solutions—or without the technical ability and infrastructure to run the endpoint agents a larger organization might use.
Apr 11, 2023
|
By Christopher Luft
LimaCharlie takes a radically different approach to cybersecurity, providing mature security capabilities and infrastructure in an on-demand, pay-per-use way. This opens up exciting opportunities for entrepreneurs who want to create their own cybersecurity startup using LimaCharlie.
Apr 4, 2023
|
By Ross Haleliuk
Almost eight years ago, Christof Jungo, who was at the time head of security architecture and engineering at Swisscom, proposed the idea of cybersecurity middleware. Christof’s idea was that although it is easy to collect all security telemetry in one place, it is difficult to operationalize it for fast and efficient incident response. He proposed a concept of interchangeable and interoperable parts that can act as a middleware, a higher-level abstraction layer for security.
Apr 1, 2023
|
By Christopher Luft
Spring is in the air and the team at LimaCharlie continues on its quest to change the way that cybersecurity tools and supporting infrastructure are delivered. Join us for this month’s live webinar where Matt Bromiley, our Lead Solutions engineer, will be discussing LimaCharlie's detection and response capabilities. In this live webinar, we will look at: This is part two of a multi-part education series (part 1 here), where we look at different ways to utilize the LimaCharlie platform.
Mar 30, 2023
|
By Christopher Luft
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) defines insider threat as “the potential for an insider to use their authorized access or understanding of an organization to harm that organization.” The nature of insider threats is fairly wide-ranging. Most of us in the security field will naturally think of insider threats in cybersecurity terms, but CISA’s definition includes things like espionage, terrorism, and workplace violence.
Mar 17, 2023
|
By Christopher Luft
Integrating LimaCharlie with Datadog increases visibility for LimaCharlie users. In this article, we will look at two ways you can configure the integration to help security teams streamline workflows.
Mar 14, 2023
|
By Christopher Luft
LimaCharlie offers many of the capabilities of a security information and event management (SIEM) solution, although it is not a SIEM. In this article, we’ll talk about LimaCharlie vs traditional SIEMs—and explain how our platform can be used to reduce or replace SIEM usage and help cybersecurity teams save money.
Mar 2, 2023
|
By Christopher Luft
We recently launched the LimaCharlie Query console which makes the underlying LimaCharlie Query Language (LCQL) more accessible. Users can now easily operationalize the full year of telemetry retained by LimaCharlie, reducing or eliminating the need to send telemetry into 3rd party SIEM-like tools such as Splunk and ELK. It is an exciting new set of capabilities that opens a whole new world of possibilities.
May 8, 2023
|
By LimaCharlie
LimaCharlie's Lead Solution Engineer, Matt Bromiley, talks about our engineering-centric approach to cybersecurity.
May 5, 2023
|
By LimaCharlie
LimaCharlie is a cybersecurity middleware platform to connect sources of security telemetry, automate activity based on what's being observed, and forward data where you need it. LimaCharlie puts you in complete control of your data, allowing you to build the security program that your organization wants and needs.
May 4, 2023
|
By LimaCharlie
The new Secrets feature within our Config Hive lets you decouple secret values, API keys, etc. from users, allowing for more granular secret control in LimaCharlie.
Apr 20, 2023
|
By LimaCharlie
LimaCharlie is a cybersecurity middleware platform to connect sources of security telemetry, automate activity based on what's being observed, and forward data where you need it. LimaCharlie puts you in complete control of your data, allowing you to build the security program that your organization wants and needs. As powerful as the LimaCharlie platform is, we recognize that sometimes analysts need to send data elsewhere, or integrate specific tools for security control testing and incident response. In Part 3 of our LC101 series, we’ll look at options for extending the LimaCharlie platform.
Apr 10, 2023
|
By LimaCharlie
Sensor 4.28.1 update enables you to enumerate users on MS Windows OS using a shorthand console command. General Links
Apr 6, 2023
|
By LimaCharlie
Quick video on the addition of the --interpreter flag for the Console run command
Apr 4, 2023
|
By LimaCharlie
LimaCharlie is a cybersecurity middleware platform to connect sources of security telemetry, automate activity based on what's being observed, and forward data where you need it. LimaCharlie puts you in complete control of your data, allowing you to build the security program that your organization wants and needs. In our next session, join Matt Bromiley, our Lead Solutions engineer, to continue the discussion in getting familiar with LimaCharlie's detection and response capabilities..
Mar 28, 2023
|
By LimaCharlie
Practical Experience is important in getting cybersecurity work, and a home lab is a great option, but how do you do this for a SOC Analyst or cyber defender lab? Eric Capuano of Recon Infosec spells it out in a blog post. In this video, Dr. Gerald Auger shows you exactly why this Home SOC lab will give you an incredible advantage in learning practical cybersecurity skills.
Mar 21, 2023
|
By LimaCharlie
LimaCharlie is a cybersecurity middleware platform to connect sources of security telemetry, automate activity based on what's being observed, and forward data where you need it. LimaCharlie puts you in complete control of your data, allowing you to build the security program that your organization wants and needs. There's no single correct way to use LimaCharlie - but getting started is key. Join Matt Bromiley, our Lead Solutions Engineer, for an introductory session.
Mar 15, 2023
|
By LimaCharlie
In this segment of The Cybersecurity Defenders Podcast, we sit down with Matt Bromiley to talk about some of the latest intel coming out of the LimaCharlie community Slack channel.
- May 2023 (4)
- April 2023 (9)
- March 2023 (7)
- February 2023 (7)
- January 2023 (7)
- December 2022 (6)
- November 2022 (6)
- October 2022 (9)
- September 2022 (6)
- August 2022 (6)
- July 2022 (4)
- June 2022 (6)
- May 2022 (4)
- April 2022 (3)
- March 2022 (6)
- February 2022 (3)
- January 2022 (3)
- December 2021 (5)
- November 2021 (6)
- October 2021 (3)
- September 2021 (4)
- August 2021 (9)
LimaCharlie gives security teams full control over how they manage their security infrastructure. Get full visibility into your coverage, build what you want, control your data, get the security capabilities you need, for however long you need them, and pay only for what you use.
LimaCharlie Sensors enable organizations to collect relevant security telemetry, logs and artifacts in real-time from any source and process that data at wire speed using a universal detection, response and automation engine. Use signature based detections, your favourite threat feed or subscribe to curated detection rules.
An engineering approach to cybersecurity:
- Endpoint detection & response: Respond to threats at wire speed and create powerful automations. Leverage solutions custom designed for your environment and control your security posture without having to rely on external vendors.
- Software-defined networking: Secure and monitor network access to your endpoints by providing advanced instrumented Zero Trust VPN access. LimaCharlie’s Secure Access Service Edge (SASE) makes secure remote networking easy and affordable.
- Windows Event Log monitoring: Gain the ability to capture and analyze Windows Event Logs (WEL) in real-time. Ingested WEL are indexed along common indicators of compromise and run through the Detection & Response engine.
- File & registry integrity monitoring: LimaCharlie's File & Registry Integrity Monitoring capability allows you to monitor specific file path patterns and registry patterns for changes.
- Monitoring cloud deployments: Secure your cloud using LimaCharlie’s advanced Sensor technology. Run in a VM, Docker, or as a privileged container in Kubernetes. Optimize your costs with fine-grained event collection control, autoscaling and automated sensor culling.
- YARA scanning at scale: Various YARA scanning methods are available. Run a scan on any given endpoint or continuously across the entire fleet in a way that does not impact performance. Pull YARA signatures from Github repositories and other sources, both private and public.
- Cutting edge detections: Leverage the work of best-in-class professionals with an unparalleled cost efficiency. Subscribe to threat feeds and curated detection rules. Easily write your own custom rules and apply them instantly to your entire fleet.
- Log and artifact monitoring: Ingest logs, or any file type, from any source and run them through the detection, automation and response engine. One year of full telemetry storage included - not just detections or select entries, but all endpoint, network, and external logs telemetry.
Detect and respond on everything.