LimaCharlie benefits security organizations by providing the core technologies required for cybersecurity operations such as EDR, log ingestion, software defined networking and more. It does this with a self-serve, usage-based model. Run your operations through the web application or leverage the API and infrastructure-first approach to integrate at scale. Join us for this webinar to learn the best practices, tips and tricks for handling an incident.

This LimaCharlie integration of Red Canary's Atomic Red Team enables users to run tests mapped to the MITRE ATT&CK® framework against their deployments with just a few clicks of a button. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments. General Links Course Playlists Social Media.

Comms is built for Digital Forensics & Incident Response. It is a console, communications platform and audit trail that is deeply integrated with all aspects of LimaCharlie. It is not something that was bolted on after the fact but rather something that has been purposefully built to operationalize the full power of LimaCharlie towards responding to threats and defending against attackers.

This video is a brief demonstration of LimaCharlie's historical threat hunting capability.

Learn how easy it is to create a detection and response rule directly from telemetry generated by the LimaCharlie EDR. General Links Course Playlists Social Media.

The responder - or sweep sensor functionality - is designed for incident responders or any one else trying to get the ground truth on a box. With one click of a button you can get list of processes and modules, a list of any unsigned binary code, autoruns, services, drivers, network connections, which sockets are listening on which ports and what is active on the network. It will also look for hidden modules or any indicators that are new to your organization.

This video walks through the manual installation of LimaCharlie Net. LimaCharlie Net (lc-net) allows you to secure and monitor network access to your endpoints by providing advanced instrumented VPN access. lc-net endpoints appear like other endpoints in your LimaCharlie deployment, but they're quite different in nature. These lc-net endpoints need to be provisioned to be accessed. By provisioning an lc-net endpoint, you create a set of VPN credentials that can be used by a single device. One set of credentials should be used by only a single device, and not shared among devices.

This video demonstrates how LimaCharlie users can configure an Organization to send detection telemetry into a Slack Channel.

We see Infrastructure as Code (IaC) in LimaCharlie as one of our super powers. But we know sometimes it's not the most convenient approach to apply quick IaC templates. This service now allows you to do what you used to do using the CLI, but through the service and its API. On top of the API it provides, it also has its own section in the web UI that makes it easy to copy/paste your org's current configuration for backup, transfer to another org or tweaking.

LimaCharlie offers a pure usage-based billing model where you can deploy a cross-platform, highly capable EDR for as little as $0.02 per endpoint per month. Pricing under this model is calculated solely on the time the sensor is connected, events processed and events stored.