Almost eight years ago, Christof Jungo, who was at the time head of security architecture and engineering at Swisscom, proposed the idea of cybersecurity middleware. Christof’s idea was that although it is easy to collect all security telemetry in one place, it is difficult to operationalize it for fast and efficient incident response. He proposed a concept of interchangeable and interoperable parts that can act as a middleware, a higher-level abstraction layer for security.

Spring is in the air and the team at LimaCharlie continues on its quest to change the way that cybersecurity tools and supporting infrastructure are delivered. Join us for this month’s live webinar where Matt Bromiley, our Lead Solutions engineer, will be discussing LimaCharlie's detection and response capabilities. In this live webinar, we will look at: This is part two of a multi-part education series (part 1 here), where we look at different ways to utilize the LimaCharlie platform.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) defines insider threat as “the potential for an insider to use their authorized access or understanding of an organization to harm that organization.” The nature of insider threats is fairly wide-ranging. Most of us in the security field will naturally think of insider threats in cybersecurity terms, but CISA’s definition includes things like espionage, terrorism, and workplace violence.

Integrating LimaCharlie with Datadog increases visibility for LimaCharlie users. In this article, we will look at two ways you can configure the integration to help security teams streamline workflows.

LimaCharlie offers many of the capabilities of a security information and event management (SIEM) solution, although it is not a SIEM. In this article, we’ll talk about LimaCharlie vs traditional SIEMs—and explain how our platform can be used to reduce or replace SIEM usage and help cybersecurity teams save money.

We recently launched the LimaCharlie Query console which makes the underlying LimaCharlie Query Language (LCQL) more accessible. Users can now easily operationalize the full year of telemetry retained by LimaCharlie, reducing or eliminating the need to send telemetry into 3rd party SIEM-like tools such as Splunk and ELK. It is an exciting new set of capabilities that opens a whole new world of possibilities.