Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Analyzing real malware with Claude Code and LimaCharlie

Most malware analysis workflows follow the same pattern: run a set of tools, manually review the output, build detection rules from memory, and repeat. It's reliable, but slow, and for MDR and MSSP teams handling volume, delays have a cost. In this workshop, LimaCharlie Senior Solutions Engineer Chris Botelho demonstrates a faster path: using Claude Code with LimaCharlie's reverse engineering environment to triage, analyze, and build detections against a real malware sample pulled from Malware Bazaar.

Security is a core leadership issue & opportunity with David Chernitzky, Armour Cybersecurity [317]

Today David Chernitzky, Co-Founder and CEO of Armour Cybersecurity, breaks down the challenges small and mid-sized businesses face in the new blink-and-you-miss-it cybersecurity landscape. Don't be left behind and open yourself to AI-driven attacks from threat actors.

When AI changes the rules, attackers adapt

The dominant narrative around AI in security is one of emboldened defenders suppressing attackers. Yet, not everyone is convinced the future will be so rosy. In a recent Defender Fridays episode, Josh Neil, Co-founder and CTO of Alpha Level, made an argument that cuts against the celebratory mood: as AI makes known attack vectors harder to use, adversaries don't disappear. They adapt. For MSSPs and SOC teams, an adversary that looks like a user is a harder problem than one that looks like malware.

Is anything about AI worth the hype?

Dr. Adeel Shaikh Muhammad argues that when it comes to AI in the SOC, alert prioritization, anomaly detection, and SOC efficiency are where the real value is. The rest is mostly noise. On The Cybersecurity Defenders Podcast, the cybersecurity strategist and three-time author draws a clear line between where AI delivers and where the industry has oversold it. Full autonomous SOCs, perfect attack prediction, and replacing human analysts all fall on the hype side. AI narrows focus and accelerates decisions, but the final call still belongs to humans.

Prompt instructions won't save your production environment

In July 2025, Replit's autonomous AI coding agent deleted a live production database despite being explicitly instructed to freeze all changes. The agent then attempted to reassure the user with incorrect information after the fact. The team had safeguards in place. The instructions were explicit. Neither stopped it. The conclusion that follows is one the security community should take seriously: you cannot enforce AI agent behavior through the agent itself.

How analysts use cognitive reasoning in investigations with Chris Sanders

Join us for this week's Defender Fridays as Chris Sanders, Founder at Applied Network Defense and the Rural Technology Fund, breaks down how analysts actually think through investigations and what separates high performers from the rest. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Grid by LimaCharlie is now in beta: Agentic SecOps for the stack you have

Grid is LimaCharlie's agentic AI layer for security teams that want AI operations running across their existing stack right now. Security providers and SOCs need access to AI capabilities without waiting for a migration window, a contract renewal, or a vendor to ship the features they need. Every major security vendor is offering some version of AI. CrowdStrike has Charlotte AI. SentinelOne has Purple AI. Microsoft has Copilot for Security.

Security infrastructure for building AI in SecOps

Some of the security industry is still cautiously evaluating its relationship with AI. They are weighing questions, sitting with uncertainty, and waiting for something to ease their concerns about trusting AI in production. This post isn't for that group. This is for AI tool developers already in motion. The ones who vibe-coded a log parser over a weekend, spun up local inference on dedicated hardware, or ran cross-model research pipelines across multiple data sources.

"Dirty Frag", Canvas ransomware, "Mini Shai-Hulud" malware & AI-developed zero-day exploit [324]

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows.

The AI attack surface: What MSSPs and SecOps teams need to watch

AI tools are moving faster than the security controls meant to govern them.In this episode of Defender Fridays, Cisco's Cybersecurity Technical Solutions Architect Katherine McNamara walks through changes in the threat landscape as organizations rush to integrate AI without applying basic security discipline. When Katherine meets with customers to discuss AI security, the conversation almost always starts and ends in the same place: data leakage. Someone might upload sensitive files to a public LLM.