LimaCharlie is infrastructure to connect sources of security data, automate activity based on what's being observed, and forward data to where you need it. There's no single correct way to use it: every environment is different.

That said, the majority of LimaCharlie users require basic endpoint detection and response (EDR) capabilities. This guide will cover:

  1. Creating a new Organization
  2. Deploying a Sensor to the Organization
  3. Adding Sigma rules to detect suspicious activity
  4. Forwarding detections to an external destination as an Output

All of this can be done within our free tier, which offers full platform functionality for up to two (2) sensors. If you haven't already signed up for a free account, please do so at app.limacharlie.io.

Let's get started!

Creating an Organization

LimaCharlie organizations are isolated tenants in the cloud, conceptually equivalent to "projects". They can be configured to suit the needs of each deployment.

After accepting the initial Terms of Service, you'll be offered a prompt to create an organization in a selected Region with a globally unique Name.

Region Selection

The region that you select for an organization is permanent. Please also consider the regulatory requirements that apply to your data and/or your customers' data.

Once the organization is created, you'll be forwarded to our initial dashboard and Sensor list, which will be empty and ready for the next step.

Deploying a Sensor

From the Sensors page in your new organization, click Add Sensor to open the setup flow for new sensors. Generally speaking, Sensors are executables that install on hosts and connect them to the LimaCharlie cloud to send telemetry, receive commands, and provide other capabilities.

Sensors Overview

For a full overview of types of sensors and their capabilities, check out Sensors.

The setup flow should make this process straightforward. For example's sake, let's say we're installing a sensor on a Windows 10 (64-bit) machine we have in front of us.