SBN

Information Architecture

Trying to communicate the depth and breadth of LimaCharlie has proven to be one of our biggest challenges. Our small and talented team has pushed out over 124 updates since March and the pace is quickening as we add more boots to the effort.

The emergent features and services that become possible as the different components interact with each other is exploding, and it can be dizzying. In order to combat the information spread we have implemented top-level categories to organize the various technologies, capabilities and resources. It is our hope that this approach will help our users get what they need more easily and help them make the most of LimaCharlie’s vast array of capabilities. The various top-level elements are outlined below and are now clearly defined in the documentation.

Access

LimaCharlie employs a fine-grained permission scheme across the API and user accounts. A detailed overview can be found here.

Agent

The LimaCharlie agent – or sensor – is fully interactive and can monitor over 70 different event types. The agent is written in C and then compiled for each different platform and architecture it runs on which means is that it has true feature parity across all operating systems. A detailed overview can be found here.

Code

LimaCharlie provides standalone tools for security professionals to get started hunting out of the box but at its heart it is a toolbox for builders. This section of the documentation is a place where developers can find the resources they need to build and monetize their own products. A detailed overview can be found here.

Edu

Education and open data is at the heart of LimaCharlie. To ensure that users get up to speed quickly – and make the most of the platform – LimaCharlie provides a host of educational resources. A detailed overview can be found here.

Hunt

LimaCharlie is information security tools and infrastructure. Infrastructure to support any scale and tools to help analysts get started hunting as they grow into the platform. A detailed overview can be found here.

Marketplace

LimaCharlie offers additional free and paid integrated services through it's Add-Ons Marketplace. A detailed overview can be found here.

Output

The data produced by the LimaCharlie endpoint is under the complete control of the user. LimaCharlie provides extensive storage and search options as part of its core offering but makes the full telemetry stream available to users. A detailed overview can be found here.

Storage

By default LimaCharlie stores a full year of searchable endpoint telemetry as well as log files, binary assets and more. A detailed overview can be found here.


*** This is a Security Bloggers Network syndicated blog from LimaCharlie's Blog authored by LimaCharlie's Blog. Read the original post at: https://www.limacharlie.io/blog/information-architecture