LimaCharlie - the most advanced cross-platform open source endpoint detection and response solution - is now available as a cloud hosted utility. Get data flowing in minutes for no cost using the free tier and take advantage of all of the advanced functionality.
With LimaCharlie you can:
- Output your data wherever you want. LimaCharlie has modules supporting Slack, S3, SFTP, Syslog and SCP.
- Create custom detection and response rules.
- Browse the ever-growing collection of detections and subscribe to any you wish at the click of a button.
- Use the full-featured and well documented REST API: from sensor tagging to the creation of Detection & Response rules to sending interactive commands to the sensors.
- Use the Python command line utility that functions as an abstraction of the API. The utility provides real-time interaction with the sensors and enables advanced hunter capabilities.
- Streamline the way your team responds to threats using LimaCharlie's integration with Slack.
- Make use of YARA file and memory scanning to identify malware. YARA provides a rule-based approach to create descriptions of malware families based on textual or binary patterns.
- Use VirusTotal by bringing your own key and have hashes from your endpoints checked on VT automatically. Save money by pooling your queries.
And sadly this mean that we no longer have the ability to maintain the open source version.
We do plan on re-openning parts as time goes on and we also plan on offering our support to the community by way of various educational and researcher licenses. If you have any questions or concerns, please feel free to reach out to us at email@example.com.
- The Refraction Point team.