Introducing LimaCharlie Comms: Operations at Scale

Introducing LimaCharlie Comms: Operations at Scale

Comms is built for Digital Forensics & Incident Response. It is a console, communications platform and audit trail that is deeply integrated with all aspects of LimaCharlie. It is not something that was bolted on after the fact but rather something that has been purposefully built to operationalize the full power of LimaCharlie towards responding to threats and defending against attackers.

Comms turns a bloated ticketing system into a powerful real-time collaboration capability. Feel confident taking decisive action knowing that your team will see the process and be able to contribute to the investigation and remediation. Rich linking of entities allows your team to observe trends across detections: like an endpoint with several detected threats, or a common detection popping up on several boxes. Navigate between them easily or merge rooms together to create a shared context for complex emerging issues.

General Links



Free Education:

Course Playlists

Basic Detection & Response:

Advanced Detection & Response:

Secure Access Service Edge:

Leveraging Community Resources:

Setting up An MSSP:

Using the CLI & SDK:

Ingesting Log Files & Artifacts:

Zeek Network Monitoring:

Incident Response:

Real-time Windows Event Logs:

Responding to HAFNIUM:

The Add-on Marketplace:

Social Media

Community Slack Channel: