
Agentic AI Security: From Threat Intelligence to Live Detections in Minutes

LimaCharlie's SecOps Cloud Platform is built around a simple idea: everything connects via API. That includes AI. Rather than locking you into a proprietary and limited AI SOC, LimaCharlie lets you bring your own LLM and put it to work directly inside your security environment. With LimaCharlie, AI can execute operations across your detections, sensors, and integrations. Because LimaCharlie operates entirely via API, every AI action is transparent and auditable.

What are AI skill-gaps new defenders can leverage? #cybersecurity #ai #podcast

AI skill gaps are a real conversation right now, and Chris Cochran, Field CISO and VP of AI Security at SANS Institute, breaks the topic down into three practical buckets for defenders who want to stay ahead. Start by figuring out what you can offload to AI: summarization, enrichment, repetitive tasks. Keep the decisions that must be deterministic and accountable with humans. Then learn how to secure AI itself. Finally, understand governance, not just the technical side but what your company is actually trying to do with AI. Security practitioners who can enable the business, not just protect it, become irreplaceable.

Agentic AI Security: MITRE ATT&CK Coverage Analysis in Minutes

LimaCharlie's Agentic SecOps Workspace (ASW) enables true agentic security operations. With us, AI doesn't just advise but actively operates within your security environment. We do this by integrating everything, including AI, on our cloud platform via API. Our approach delivers superior AI security automation capabilities at a fraction of the cost, allowing security teams to scale operations without growing headcount.

AI red teaming with John V.

Join us for this session of Defender Fridays as we explore AI red teaming with John V., AI risk, safety, and security specialist at the Institute for Security and Technology (IST). At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Application security in the age of AI with Farshad Abasi

Join us for this session of Defender Fridays as we explore application security in the age of AI with Farshad Abasi, CEO and Co-founder at Eureka DevSecOps. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

How to Strengthen Cyber Resilience in an AI Era with Chris Cochran from SANS Institute [296]

On this episode of The Cybersecurity Defenders Podcast, we speak with Chris Cochran, Field CISO & Vice President of AI Security at SANS Institute, about how to navigate the future of AI risk and security strategy.

Agentic AI Security: Onboard Multi-Cloud Environments with AI

LimaCharlie's Agentic SecOps Workspace (ASW) lets agentic AI security solutions operate directly inside your environment. Everything in LimaCharlie's SecOps Cloud Platform connects via API. For us, AI isn't a bolt-on layer. It's woven into the same fabric as your detections, sensors, and integrations. LimaCharlie's approach makes it easy for users to bring their own LLM into security operations.

Why Your Security Stack Is Blocking AI (And How to Fix It)

Hockey has a saying that describes the problem security organizations face when trying to integrate AI: "You have to skate to where the puck is going, not where it has been." Think of the modern security stack. It's a fragmented architecture built layer by layer over decades. Tools are siloed; some overlap, some operate as black boxes, and others no one remembers installing.

Claude Code Summarizes Host Activity in LimaCharlie

Watch Claude Code analyze a week of activity for a specific host in LimaCharlie. The agent resolves the correct sensor, queries recent detections, collects event telemetry, analyzes process and network behavior, and produces a concise activity profile. Security analysts can quickly understand host behavior patterns without manually reviewing raw telemetry logs.

Intel Chat: DoppelBrand, Android malware Keenadu, attackers expand AI use & AI-driven threats [295]

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows.

Create a Tenant, Deploy Sigma Rules, and Enable GitHub Sync with @claude Code and LimaCharlie

This video shows how Claude Code handles a full tenant setup in a single workflow: creating a new organization, deploying Sigma rules, and enabling Git Sync, all in one run with LimaCharlie. Claude Code creates the organization, deploys the community Sigma rules available on the platform, and configures the Git Sync extension. That extension automatically creates a GitHub repository and syncs both the detection rules and the full tenant configuration to it, giving you version-controlled infrastructure from day one.

Rebranding human risk management with Brandon Min

Join us for this session of Defender Fridays as we explore human risk management, security culture, and building empathy-driven security programs with Brandon Min, Founder and CEO at Herd Security. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Reduce False Positives Automatically with @claude Code and LimaCharlie

Noisy alerts slow down every SOC. See how Claude Code with LimaCharlie can analyze your existing detection logic and the alerts it triggers to identify what's generating the noise and what can be done about it. After running the prompt, Claude Code reviews your rules and their trigger frequency, identifies the ones generating false positives, and produces specific recommendations for suppression rules to apply. In this example, it flags three rules and provides the logic to address each one, whether the issue stems from a syntax problem or detection logic that needs tightening.

From Threat Article to Deployed Detection Rules Automatically with @claude Code and LimaCharlie

When a new security incident surfaces, threat intelligence is only useful if you can act on it quickly. This video shows how Claude Code, combined with LimaCharlie, compresses that gap significantly.

150+ FAKE law firm websites found in AI cloning scam #cybersecurity #ai #podcast

In this week's Intel Chat, Christopher Luft and Matt Bromiley discuss how attackers used AI to clone over 150 law firm websites, targeting fraud victims under the guise of offering legal assistance to recover lost funds. Chris points out how easy this has become with AI tools: attackers can quickly clone a website, host it at a legitimate-looking domain, and start harvesting information. The episode also covers Russian cyber operations targeting the defense industrial base, TeamPCP's campaign compromising 60,000+ servers, and exposed Ollama AI infrastructure.

LimaCharlie + @claude Code: Admin Tasks, MITRE Coverage, and EDR Detections [Demo]

Claude Code runs directly inside the LimaCharlie UI, connecting to the MCP server and loading the skills needed to execute commands across your environment. In this video, you'll see it in action for common administrative tasks: identifying organizations and their IDs, pulling sensor counts for a specific org, and getting a full breakdown of containers by type. SOC managers can query this information conversationally rather than navigating multiple menus or writing custom scripts.

Intel Chat: Russian cyber ops, Sygnia, Ollama & TeamPCP [293]

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

Claude Code-powered multi-tenant SecOps for MSSPs | LimaCharlie demo

See how LimaCharlie's Agentic SecOps Workspace handles multi-tenant security operations at scale. This demo walks through real-world scenarios that MSSPs face daily. Unlike token-based AI tools that become cost-prohibitive at scale, this platform uses a flat-fee per analyst model. Every capability in your tech stack becomes accessible through AI-powered automation, and you maintain full control with granular permissions.

The browser blind spot: Phishing evolution and shadow AI risk with Cody Pierce

Join us for this week's Defender Fridays as we explore browser security, phishing evolution, and the risks of shadow AI with Cody Pierce, CEO at Neon Cyber. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Find user activity across endpoints with Claude Code #cybersecurity #ai #securityoperations

Watch Claude Code query LimaCharlie telemetry to locate user activity across all endpoints in an organization. The agent correlates events across process execution, login sessions, and network connections to identify the most recent user activity and establish behavioral patterns. Security analysts can investigate user presence without manually searching through telemetry streams.

Intel Chat: OpenClaw saga, React Native Community, Notepad++ & GTIG targets IPIDEA network [291]

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

Claude Code converts threat reports into LimaCharlie detection rules #cybersecurity #ai

Feed Claude Code a threat report URL and it will search for the report's indicators of compromise across your LimaCharlie tenants, confirm the environment is clean, then create and deploy detection rules. The agent extracts IOCs, generates rule logic, validates it through testing, and establishes continuous monitoring. Security teams can operationalize published threat intelligence without manual rule writing.

Attackers exploited OpenClaw's popularity #cybersecurity #ai #podcast

In this week's Intel Chat, Chris Luft and Matt Bromiley discuss how a malicious VS Code extension impersonated OpenClaw (formerly ClawdBot) to distribute remote access malware to developers. Matt breaks down a critical pattern: whenever there's a stampede toward new technology, threat actors will find a way to inject a malicious version of it. The episode also covers PeckBirdie (a JScript-based C2 framework), ShinyHunters' massive phishing campaign, and a Russian cyberattack on Poland's power grid.

Viberails: Guardrails for AI Operations.

The recent attention on OpenClaw brought something we've known for a while at LimaCharlie into sharp focus: unrestricted AI operations are extremely powerful and incredibly risky. The security challenges presented by AI adoption can rival the productivity gains it delivers. Unrestricted AI agents can read credentials, execute commands, send emails, and make API calls without meaningful oversight.

Hunt an IP address across multiple tenants simultaneously with Claude Code #cybersecurity #ai

See Claude Code execute a parallel IOC hunt for a suspicious IP across multiple LimaCharlie organizations. The agent enumerates all available tenants, launches concurrent searches, normalizes results into match categories, and reports positive hits with sensor details, timestamps, and occurrence counts. Security teams can investigate threats across their entire fleet without manually querying each tenant.

Claude Code writes and tests Cobalt Strike detection rules #cybersecurity #ai #securityoperations

Watch Claude Code generate production-ready Cobalt Strike detection rules in LimaCharlie. The agent defines detection requirements, creates rule logic for high-signal patterns, validates syntax, and deploys rules to the tenant. Named-pipe indicators and process-based signatures are tested against positive and negative controls to confirm accuracy. Security teams can operationalize threat-specific detections in minutes instead of hours.
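The positive-and-negative-control validation described above, as an added example that is not code from the video or from LimaCharlie. It matches named-pipe creation events against the default Cobalt Strike pipe names catalogued in public community detection content (the Sigma "CobaltStrike named pipe" family), with one practitioner caveat built in: the default `mojo.*` pipe deliberately mimics Chromium's own IPC pipes, so that pattern is only flagged when the creating process is not a known Chromium-based binary. The event dictionaries and the `process`/`pipe`/`host` field names are constructed for this example and are not LimaCharlie's event schema; operators can rename pipes in a malleable C2 profile, so a miss is not proof of absence.

```python
import re

# Default Cobalt Strike pipe-name patterns (public, documented in community
# Sigma rules). Names are escaped so the regex matches the literal prefix \\.\pipe\.
MOJO_PATTERN = re.compile(r"^\\\\\.\\pipe\\mojo\.\d+\.\d+\.\d+$", re.IGNORECASE)
CS_DEFAULT_PIPE_PATTERNS = [
    re.compile(r"^\\\\\.\\pipe\\MSSE-\d{4}-server$", re.IGNORECASE),
    re.compile(r"^\\\\\.\\pipe\\postex_[0-9a-f]{4}$", re.IGNORECASE),
    re.compile(r"^\\\\\.\\pipe\\msagent_[0-9a-f]{2}$", re.IGNORECASE),
    re.compile(r"^\\\\\.\\pipe\\status_[0-9a-f]{2}$", re.IGNORECASE),
    MOJO_PATTERN,
]

# Chromium-family binaries legitimately create mojo.* pipes; assumption for the
# allow-list, extend it with whatever your fleet actually runs.
CHROMIUM_PROCESSES = {"chrome.exe", "msedge.exe", "brave.exe", "code.exe", "teams.exe"}


def classify_pipe(pipe_name, process):
    """Return the matched pattern string, or None if the pipe looks benign."""
    proc = process.lower()
    for pat in CS_DEFAULT_PIPE_PATTERNS:
        if pat.match(pipe_name):
            if pat is MOJO_PATTERN and proc in CHROMIUM_PROCESSES:
                return None  # browser IPC pipe, not a beacon
            return pat.pattern
    return None


def run_detection(events):
    """Apply the rule to a list of constructed pipe-creation events."""
    hits = []
    for ev in events:
        matched = classify_pipe(ev["pipe"], ev["process"])
        if matched:
            hits.append({"host": ev["host"], "process": ev["process"],
                         "pipe": ev["pipe"], "pattern": matched})
    return hits


# Constructed controls: every positive must fire, no negative may fire.
POSITIVE_CONTROLS = [
    {"host": "ws-14", "process": "rundll32.exe", "pipe": r"\\.\pipe\MSSE-5143-server"},
    {"host": "ws-14", "process": "powershell.exe", "pipe": r"\\.\pipe\postex_a1b2"},
    {"host": "srv-03", "process": "svchost.exe", "pipe": r"\\.\pipe\msagent_3f"},
    {"host": "ws-22", "process": "rundll32.exe", "pipe": r"\\.\pipe\mojo.5688.8052.183894939787088877"},
]
NEGATIVE_CONTROLS = [
    {"host": "ws-22", "process": "chrome.exe", "pipe": r"\\.\pipe\mojo.5688.8052.183894939787088877"},
    {"host": "srv-03", "process": "spoolsv.exe", "pipe": r"\\.\pipe\spoolss"},
    {"host": "ws-14", "process": "powershell.exe", "pipe": r"\\.\pipe\PSHost.133"},
    {"host": "ws-14", "process": "lsass.exe", "pipe": r"\\.\pipe\lsass"},
]


def validate():
    """True only if the rule fires on all positives and on no negatives."""
    pos = run_detection(POSITIVE_CONTROLS)
    neg = run_detection(NEGATIVE_CONTROLS)
    return len(pos) == len(POSITIVE_CONTROLS) and len(neg) == 0


if __name__ == "__main__":
    print("controls pass" if validate() else "controls FAIL")
    for hit in run_detection(POSITIVE_CONTROLS):
        print(hit)
```

Keep the control sets next to the rule and rerun them whenever the rule or the allow-list changes; a rule that passes its negatives today can start firing on a new browser build tomorrow.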

Detecting silent sensors: Identifying EDR telemetry gaps with LimaCharlie

One of the most insidious security risks isn't a sophisticated attack, it's the endpoint that stops reporting. A sensor that appears enrolled but hasn't sent telemetry in hours or days represents a critical blind spot. Whether due to network issues, system shutdown, agent crash, or intentional tampering, these silent sensors deserve immediate attention.
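The silent-sensor check described above, as an added example that is not code from the article or from LimaCharlie. It takes a sensor inventory (the `sid`, `hostname`, `last_seen` and `decommissioned` fields are an assumption for this example, not LimaCharlie's sensor schema) and reports enrolled sensors that have gone quiet, with two tiers: a warning threshold for hosts that may simply be off the network, and a critical threshold for hosts that need someone to look. Sensors that were enrolled but never reported at all are treated as critical, because an install that never checked in is the same blind spot as one that went silent. The inventory is constructed inline.

```python
from datetime import datetime, timezone


def parse_ts(value):
    """Parse an ISO 8601 timestamp with a trailing Z into an aware datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def find_silent_sensors(inventory, now, warn_hours=4, critical_hours=24):
    """Return enrolled-but-silent sensors, most concerning first.

    A retired host is not a blind spot, so decommissioned sensors are skipped;
    a sensor with no last_seen at all is reported as critical.
    """
    findings = []
    for sensor in inventory:
        if sensor.get("decommissioned"):
            continue
        last_seen = sensor.get("last_seen")
        if last_seen is None:
            findings.append({"sid": sensor["sid"], "hostname": sensor["hostname"],
                             "silent_hours": None, "severity": "critical",
                             "reason": "enrolled but never reported"})
            continue
        silent = (now - parse_ts(last_seen)).total_seconds() / 3600
        if silent >= critical_hours:
            severity = "critical"
        elif silent >= warn_hours:
            severity = "warning"
        else:
            continue  # reporting normally
        findings.append({"sid": sensor["sid"], "hostname": sensor["hostname"],
                         "silent_hours": round(silent, 1), "severity": severity,
                         "reason": f"no telemetry for {silent:.1f}h"})
    # Never-reported first, then longest silence first.
    findings.sort(key=lambda f: (f["silent_hours"] is not None,
                                 -(f["silent_hours"] or 0)))
    return findings


# Constructed inventory for the example; times are relative to NOW below.
NOW = datetime(2025, 1, 15, 12, 0, tzinfo=timezone.utc)
INVENTORY = [
    {"sid": "sid-0001", "hostname": "web-01", "last_seen": "2025-01-15T11:30:00Z"},
    {"sid": "sid-0002", "hostname": "build-07", "last_seen": "2025-01-15T05:00:00Z"},
    {"sid": "sid-0003", "hostname": "dc-02", "last_seen": "2025-01-12T12:00:00Z"},
    {"sid": "sid-0004", "hostname": "old-lab", "last_seen": "2024-12-01T08:00:00Z",
     "decommissioned": True},
    {"sid": "sid-0005", "hostname": "kiosk-3", "last_seen": None},
]


if __name__ == "__main__":
    for finding in find_silent_sensors(INVENTORY, NOW):
        print(f"{finding['severity']:8} {finding['hostname']:10} {finding['reason']}")
```

Tune the thresholds per asset class (a laptop fleet will legitimately go quiet over a weekend, a domain controller will not), and treat a heartbeat-only sensor with a sudden drop in event volume as suspicious too; the check above only covers the complete-silence case.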

Intel Chat: PeckBirdy, ShinyHunters, Moltbot impersonation & ELECTRUM [289]

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

Claude Code configures AWS S3 export for security detections #cybersecurity #ai

Claude Code automates the entire detection export pipeline from LimaCharlie to AWS S3. The agent confirms AWS access, creates buckets with proper regional placement, provisions IAM policies with appropriate permissions, stores credentials securely, and enables continuous delivery. Security data flows from LimaCharlie to S3 for retention and analysis without manual AWS configuration.

Claude Code builds security infrastructure with Git-based configs #cybersecurity #ai #secops

See Claude Code provision a new LimaCharlie security tenant with regional data residency, enable detection extensions, generate API credentials, create SSH keys, and establish Git as the single source of truth. Security teams can manage their entire LimaCharlie detection infrastructure through version-controlled code rather than point-and-click interfaces.