In this short video we show you how easy it is to install the LimaCharlie EDR sensor and get telemetry flowing into the cloud. Once installed you can go live on the sensor and perform digital forensics in real-time. Visually navigate through historic telemetry, view memory maps, kill or suspend processes, explore the file system, view network connections and much more. Watch this video to see how powerful it is.

LimaCharlie benefits security organizations by providing the core technologies required for cybersecurity operations such as EDR, log ingestion, software defined networking and more. It does this with a self-serve, usage-based model. Run your operations through the web application or leverage the API and infrastructure-first approach to integrate at scale. Join us for this webinar to learn the best practices, tips and tricks for handling an incident.

This LimaCharlie integration of Red Canary's Atomic Red Team enables users to run tests mapped to the MITRE ATT&CK® framework against their deployments with just a few clicks of a button. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments. General Links Course Playlists Social Media.

Comms is built for Digital Forensics & Incident Response. It is a console, communications platform and audit trail that is deeply integrated with all aspects of LimaCharlie. It is not something that was bolted on after the fact but rather something that has been purposefully built to operationalize the full power of LimaCharlie towards responding to threats and defending against attackers.

This video is a brief demonstration of LimaCharlie's historical threat hunting capability.

Learn how easy it is to create a detection and response rule directly from telemetry generated by the LimaCharlie EDR. General Links Course Playlists Social Media.

The responder - or sweep sensor functionality - is designed for incident responders or any one else trying to get the ground truth on a box. With one click of a button you can get list of processes and modules, a list of any unsigned binary code, autoruns, services, drivers, network connections, which sockets are listening on which ports and what is active on the network. It will also look for hidden modules or any indicators that are new to your organization.

This video walks through the manual installation of LimaCharlie Net. LimaCharlie Net (lc-net) allows you to secure and monitor network access to your endpoints by providing advanced instrumented VPN access. lc-net endpoints appear like other endpoints in your LimaCharlie deployment, but they're quite different in nature. These lc-net endpoints need to be provisioned to be accessed. By provisioning an lc-net endpoint, you create a set of VPN credentials that can be used by a single device. One set of credentials should be used by only a single device, and not shared among devices.

This video demonstrates how LimaCharlie users can configure an Organization to send detection telemetry into a Slack Channel.

We see Infrastructure as Code (IaC) in LimaCharlie as one of our super powers. But we know sometimes it's not the most convenient approach to apply quick IaC templates. This service now allows you to do what you used to do using the CLI, but through the service and its API. On top of the API it provides, it also has its own section in the web UI that makes it easy to copy/paste your org's current configuration for backup, transfer to another org or tweaking.