LimaCharlie

@limacharlieio@infosec.exchange
Security tools and infrastructure on-demand. Use LimaCharlie to automate and manage security operations at scale.
Customization: Customize security to meet your unique needs
Visibility: Unify telemetry and reduce storage costs
Scale: Built for scale from day one
Consolidation: Replace your existing agents and reduce tech debt
Innovation: Cost-effective access to security infrastructure
Visit us: limacharlie.io

This week's Defender Fridays features Brian Carrier, CEO of Sleuth Kit Labs, discussing EDR, DFIR and Endpoint Triage.

We'll explore how SOCs can effectively investigate endpoints after alerts to decide whether to wipe them or call an IR team. Brian will cover leveraging EDR data and additional forensic artifacts for better Endpoint Triage, helping teams cut through the overwhelming amount of information to make informed response decisions.

Perfect for security professionals at any level looking to enhance their endpoint investigation skills.

Register for the series: https://limacharlie.io/defender-fridays

#defenders #cybersecurity #edr

Are AI agents the future of cybersecurity operations, or are they adding another layer of complexity?

In the latest episode of the Cybersecurity Defenders Podcast, Filip Stojkovski, Staff Security Engineer at Snyk, delivers a clear and technical perspective on how AI is reshaping SOC operations.

With over 15 years of experience, Filip highlights real-world scenarios where AI agents perform well, such as incident enrichment and triage, and where traditional playbooks are still essential.

He also outlines key risks tied to early adoption, including prompt injection threats and lack of audit transparency, and shares a practical four-step framework for teams beginning their AI journey.

Listen to the full episode here: https://limacharlie.io/podcast?wchannelid=1bbncmrkw3&wmediaid=h6v4s7wefr

#cybersecurity #defenders #podcast

THIS JUST IN!!!

Mental Health Hackers will be working in partnership with @blueteamvillage at #DEFCON this year to provide a quiet conversations room.

You can expect:
- To find other like-minded individuals talking about all things defensive security
- Mental health peer support, information, and giveaways
- Content, presentations, and group sessions relating to mental health in tech

We would like to welcome our first sponsor for this partnership! @limacharlieio

Manual incident response is draining your team's resources.

Time is critical when responding to security incidents. But traditional security tools force analysts into tedious manual workflows: searching platforms, listing processes, hunting for threats one endpoint at a time.

Thomas Murray, a global risk management consultancy serving financial and government sectors, found a better way with our SecOps Cloud Platform.

"Eliminating repetitive, manual tasks and leveraging the SCP's API to perform remote actions led to huge time savings and greatly improved usability and connectivity with our internal systems and procedures." - Guillermo Roman, Senior DFIR Analyst

Watch the full webinar: https://limacharlie.io/webinars?wchannelid=fy1wct3rkg&wmediaid=f2jxyrlpws

#cybersecurity #dfir

What Makes a True SecOps Platform? A Clear Definition

What's a true SecOps platform? Many vendors claim to offer them, but their solutions differ drastically. Get clarity with our straightforward definition covering key requirements: integration, engineering focus, scalability, and openness.

Not all "SecOps platforms" are created equal.

The cybersecurity market is flooded with vendors claiming to offer SecOps platforms, but many fall short of the basic requirements. So what makes a true SecOps platform?

A genuine SecOps platform must:
✅ Enable real SecOps - Engineering-focused with DevOps principles, not just "ClickOps"
✅ Be scalable - Extensive automation and multi-tenancy capabilities
✅ Stay open - API-first access with full visibility, no black boxes
✅ Integrate seamlessly - Unified platform where capabilities work together
✅ Maintain quality - Enterprise-grade tools that meet operational goals
✅ Stay extensible - Easy integration with third-party solutions

Red flags to watch for:
❌ Poor integration between modules
❌ Limited visibility or paywalled API access
❌ Manual, point-and-click operations
❌ Difficulty working with external tools

Our SecOps Cloud Platform delivers true platform capabilities with a public cloud-like model: on-demand, pay-per-use, and API-first without mandatory minimums or inflexible contracts.

Read our full breakdown on what defines a real SecOps platform and why it matters for your security operations (blog link in comments).

#cybersecurity

Today, Hayden Covington from Black Hills Information Security joins us to discuss keeping the human element in security operations.

Join the conversation: https://info.limacharlie.io/defender-fridays?utm_source=linkedin&utm_medium=organic_social&utm_content=webinar&utm_campaign=defender_fridays&utm_term=&lead_source_detail=mastodon

#cybersecurity #defenders

This Friday, we're joined by Hayden Covington, SOC SecOps Lead at Black Hills Information Security, for a timely discussion about preserving human-centered approaches in modern security operations.

In the age of SOAR and AI automation, Hayden will explore why maintaining human interaction and touchpoints remains critical, even when it introduces friction or takes additional time to investigate.

See you there: https://info.limacharlie.io/defender-fridays?utm_source=organic_social&utm_medium=organic_social&utm_content=webinar&utm_campaign=defender_fridays&utm_term=&lead_source_detail=mastodon

#cybersecurity #defenders

How do you deliver tailored cybersecurity services across diverse client needs while maintaining speed and competitive advantage?

Thomas Murray, a global risk management consultancy, solved this challenge with our SecOps Cloud Platform - streamlining how they serve clients in financial, banking, and government sectors.

Their challenge: Finding flexible solutions that worked with their automation-first approach and deep industry expertise, without the complexity of traditional vendor offerings.

Our platform delivered:

> API-first architecture for seamless integrations and automation
> Multi-tenant capabilities for efficient client management
> Infrastructure-as-code to eliminate manual processes
> Flexible data routing with 1-year free storage included
> Pay-per-use pricing with no vendor lock-in

"The ease of automation reduced our development time from days to hours, or hours to minutes, allowing us to deliver fast and cost-effective solutions for our clients." - Guillermo Roman, Senior DFIR Analyst

Read the full case study, link in the comments!

#cybersecurity #dfir #infosec

Austin security folks: Workshop starts in 2 days!

🗓️ WEDNESDAY, June 11th | Full Schedule

10:00-12:00 → Integrating contextual threat intelligence with SOCRadar
12:00-12:45 → Taco bar lunch break
12:45-2:45 → Building scalable security infrastructure with LimaCharlie
3:00-5:00 → Orchestrating automated workflows with Tines
5:00 → Happy hour networking

Perfect for seasoned security engineers from enterprise SOCs and MSSPs ready to upgrade their security operations.

Registration closing soon: https://lu.ma/defenders-tour-austin?utm_source=limacharlie

This is your chance to dive deep into three powerful platforms with expert guidance and plenty of networking opportunities.

#austin #secops