LimaCharlie Documentation¶
Welcome to the official documentation for LimaCharlie - the Agentic SecOps Workspace.
What is LimaCharlie?¶
LimaCharlie is the Agentic SecOps Workspace delivering security operations for the modern era. The platform provides comprehensive enterprise protection that brings together critical cybersecurity capabilities and eliminates integration challenges and security gaps for more effective protection against today's threats.
Quick Navigation¶
-
Getting Started
New to LimaCharlie? Start here to learn the basics and get up and running quickly.
-
Detection & Response
Build custom detection logic with automated response actions to protect your infrastructure.
-
Sensors & Deployment
Deploy sensors across Windows, Linux, macOS, Chrome, and configure log adapters.
-
Data & Queries
Query your security data with LCQL, explore events, and investigate incidents.
-
Integrations
Connect outputs to SIEMs, enable extensions, and integrate with third-party tools.
-
Developer Guide
Programmatic access via Go and Python SDKs for complete platform automation.
-
Administration
Manage organizations, users, access control, and billing.
-
Reference
Technical reference for operators, commands, event schemas, and FAQ.
Platform Capabilities¶
- Agentic AI & Bring-Your-Own-LLM: Run AI agents as full security operators with auditable, governed access to every platform capability
- Endpoint Detection & Response (EDR): Deploy sensors across multiple platforms
- Detection & Response Rules: Build custom detection logic with automated responses
- Real-time Telemetry: Centralized event streaming and data collection
- API Integrations: Connect with threat intelligence, SIEM, and security tools
- Extensions & Add-ons: Expand capabilities with purpose-built integrations
- Cloud-native Architecture: Scalable, API-first platform for modern security operations