
Developer Roll Up: September 2024

Christopher Luft, LimaCharlie Co-Founder and Creative Technologist

As we close out another month, we're excited to share the latest improvements to the SecOps Cloud Platform. Check out what's new and on the horizon for LimaCharlie:

Events

MSSN CTRL When: Oct 2-4

MSSN CTRL is happening this week in Arlington, VA, bringing together cybersecurity professionals for three days of innovative training, expert insights, and valuable networking. We will be recording the talks and making them public for those who cannot attend in person.

Read our latest blog to learn more about the event

MSSP Alert Live When: Oct 14-16

Visit the LimaCharlie booth at this year's MSSP Alert Live event to connect with the team behind the SecOps Cloud Platform. Stop by to grab some swag and enter our giveaway while you're there!

Defender Fridays When: Every Friday @ 10:30am PT

Join our Defender Fridays series, a weekly exploration of the defensive aspects of cybersecurity featuring insights from experienced industry professionals.

Register for the series

Webinars

Along with our product updates, we hosted several live webinars last month. Check out the recordings: 

Hunting with the LimaCharlie Query Console

Diving Deeper into Advanced macOS Detection and Hunting Techniques

September’s Releases

Ability to Rename Detection and Response Rules

In this release, we added the ability to rename and modify metadata (expiration date, tags, and comment field) in detection and response rules. This makes it easier for users to manage their hive records at scale and offers a better user experience.

Added Analytics to False Positive Rules

We are continuing to add metrics to make it easy for you to see the performance of different components of your security infrastructure.

In this release, we are exposing entity metrics for false positive (FP) rules. On every FP rule, users can now see how many times that rule has prevented detections from triggering. This is in addition to the analytics that already exist on sensors, outputs, and D&R rules. Data is updated every ~15 minutes and stored for three months.

Email Sensor

You can now ingest raw emails directly into LimaCharlie using our new Email sensor. To get started, navigate to the sensors list > add new sensor > email and complete the required steps. For details, visit our technical documentation: https://docs.limacharlie.io/docs/telemetry-adapters-adapter-types-imap

EDR v4.31.0

  • macOS bug fixes (note that, as far as our testing shows, we are unaffected by the macOS Sequoia issues other security vendors are having)

  • Fixed some cases that could lead to temporary files being left behind on disk over time.