4. Security & Compliance

Displays current user authentication details. Requires valid credentials. Used for managing authentication state in the CLI.

Conducts security code reviews to identify OWASP Top 10 vulnerabilities and validate secure authentication/authorization implementations.

Applies STRIDE methodology to identify security threats, analyze attack surfaces, and assess risks in system architectures.

Tests web accessibility compliance using screen readers and validates ARIA attributes and semantic HTML structure.

Validates web content against WCAG 2.1 AA/AAA standards, identifies accessibility issues, and provides remediation strategies for compliance.

Automates scanning of code and dependencies for security vulnerabilities, triages findings, and prioritizes remediation efforts.

Analyzes code and commit history to detect sensitive information leaks, providing security audit capabilities for repositories.

Analyzes binaries via IDA Pro's headless Python API for disassembly, function extraction, and cross-references without GUI interaction.

Independent code auditor that verifies code integrity against change logs without requiring prior context or background.

Generates comprehensive health and status reports for security sensors across all LimaCharlie organizations, addressing connectivity, data availability, and fleet-wide health queries.

Integrates Velociraptor DFIR with LimaCharlie for forensic triage, incident response, and threat hunting via VQL artifacts and sensor data.

Creates holistic security investigations from events, detections, or LCQL queries, covering initial access, lateral movement, and host context for incident response and threat hunting.

Deploys a temporary LimaCharlie EDR agent on local Linux/Mac for testing detection rules and sensor behavior with automatic cleanup.

Automates creation and testing of false positive rules for security detections, reducing alert fatigue via data analysis and human-in-the-loop approval.

Assistant for creating, testing, and deploying detection and response rules in LimaCharlie, leveraging threat analysis and event data research.

Tracks LimaCharlie sensor coverage, identifying gaps (stale endpoints, Shadow IT), validating telemetry health, and ensuring asset compliance via risk scoring and SLA tracking.

Generates multi-tenant security and operational reports from LimaCharlie with billing summaries, detection trends, and configuration audits using data accuracy guardrails.

Deploys a temporary LimaCharlie Adapter locally to test log ingestion, auto-detecting sources and streaming logs to a LimaCharlie organization.

Analyzes threat reports and IOC data to identify malicious indicators, generate LCQL queries, and create detection rules for security investigations.

Provides unified access to LimaCharlie security operations, listing organizations, sensors, rules, detections, and executing LCQL queries via delegated sub-agent calls.

Manages EDR sensor tasks for data collection, live response, and automated security actions across endpoint fleets.

Automates false positive pattern detection in security alerts by analyzing historical data, identifying noise patterns, and generating precise rules for user approval to reduce alert fatigue.

Provides meticulous security audits for code and plans, identifying all vulnerabilities with thorough documentation and uncompromising honesty.

Specializes in security issue resolution and red teaming, using an attacker's mindset to identify and fix vulnerabilities systematically.