#mssp — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #mssp, aggregated by home.social.

  1. Most AI SecOps vendors ship a fixed platform: the architecture, the workflows, the pricing model are all decided for you.

    LimaCharlie's position has always been the opposite. Build the capabilities and the value first, then give operators the freedom to modify, assemble, and build on top of them however their operation requires.

    That extends all the way up the stack, from automated agents to deployable AI SOCs you define and run across thousands of tenants as infrastructure as code.

    Your toolkit, built on real SecOps infrastructure.

    See how it works: limacharlie.io/

    #mssp #secops #ai #agenticai

  2. Token-based billing sounds reasonable until you run the numbers at MSSP scale.

    With thousands of tenants, variable alert volumes, and no predictable ceiling on monthly AI costs, that model doesn't just create budget problems, it makes AI operationally impossible to commit to.

    ASW pricing is structured differently: a flat monthly fee per analyst, covering everything they need. No per-token math, no worst-case scenarios to hedge against, no surprises when a tenant has a bad week.

    Predictable costs are what make it possible to actually build AI into how you run a SOC, not just pilot it.

    Explore pricing at limacharlie.io/pricing

    #mssp #secops #ai #agenticai

  3. Today at 10am PT / 1pm ET, we're showing what running a SOC on Claude Code looks like in production.

    LimaCharlie CEO Maxime Lamothe-Brassard is walking through live demonstrations inside the Agentic SecOps Workspace, covering:

    > Detection triage end-to-end, from alert to case
    > Composable agent stacking: triage, false positive baselining, and threat intel
    > The lc-agents repo: fork, extend, or contribute your own

    Join the session: limacharlie.wistia.com/live/ev

    #secops #ai #cybersecurity #mssp

  4. Two days until we show what a SOC built on infrastructure-as-code actually looks like in production.

    After RSAC, the questions kept coming: how do the agentic operations actually work, and what does it look like beyond the demo?

    This session is built for security engineers and MSSP operators who want those answers.

    This Wednesday at 10am PT, LimaCharlie CEO Maxime Lamothe-Brassard covers the composable agent architecture, the SOC as IaC model, and the open-source lc-agents repo.

    Add it to your calendar: limacharlie.wistia.com/live/ev

    #secops #ai #cybersecurity #mssp

  5. The security vendors racing to build proprietary AI models are solving the wrong problem.

    Models aren't the bottleneck. The platform is.

    Six months from now, the models available to your team will be dramatically better than what exists today. The question is whether your security infrastructure can actually use them.

    LimaCharlie doesn't compete in the model race. We built the platform so any model can access 100% of platform capabilities through the same APIs your analysts use.

    That parity is what makes the next layer possible: automated agents, and eventually deployable AI SOCs that run as a collection of agents across thousands of tenants at once.

    Register for our next AI SecOps Workshop, where we'll use Claude Code with LimaCharlie to deploy agents, build detections, and catch issues before they become incidents: limacharlie.wistia.com/live/ev

    #mssp #secops #ai #agenticai

  6. One message came through clearly at RSAC: security teams want infrastructure they can control, extend, and own. Not another black box AI SOC product with no visibility into how decisions are made.

    LimaCharlie's open-source AI triage agents are built for that.

    Each agent is a self-contained, installable unit with defined scope, permissions, and behavior, running on real SecOps infrastructure and deployable on demand.

    On April 8th at 10am PT / 1pm ET, LimaCharlie CEO and founder Maxime Lamothe-Brassard walks through the architecture live and demonstrates what it actually looks like to run full SOC operations on Claude Code.

    Register: limacharlie.wistia.com/live/ev

    #secops #ai #cybersecurity #mssp

  7. Alert triage is a reasonable place to start with AI. It is not a reasonable place to stop.

    Most of what slows down security service providers has nothing to do with triage.

    It's the onboarding that takes multiple days. The cross-tenant configuration work nobody wants to touch. The detection rules that need to be written, tested, and deployed across fifty environments.

    Vendor AI addresses one use case at a time, which means a separate product, a separate workflow, and a separate wait for the next release.

    ASW takes a different approach.

    Give it hundreds of tools, describe the outcome you want, and it finds a way to get there. That's not a feature. That's a fundamentally different way of getting value from AI, across the whole operation, not just the alert queue.

    Watch the full keynote: youtube.com/watch?v=QS0DzO2rNJw

    #mssp #secops #ai #agenticai

  8. Per-alert AI pricing makes AI a non-starter for most service providers.

    A hundred alerts a day per tenant, multiplied across dozens of clients, priced per token. The math always comes out wrong.

    For MSSPs, that's not just a cost center problem. Getting the economics wrong doesn't just hurt margins, it stops AI adoption entirely.

    Agentic SecOps Workspace (ASW) changes that equation. Connect through Claude Code, and AI costs shift from a variable tied to alert volume to a predictable monthly rate per analyst. One tenant spiking doesn't take your margins with it.

    Because LimaCharlie's API covers 100% of platform functions, the scope of what that analyst can do expands well beyond triage.

    Onboard new clients, write and deploy detection rules, and manage cross-tenant configurations, all in the same session.

    LimaCharlie doesn't charge for AI. It's part of the platform.

    Get started at limacharlie.io

    #mssp #secops #ai #agenticai

  9. Most AI SOC products hide the logic.

    Workflows are fixed, customization requires a support ticket, and when an agent makes a decision you disagree with, there's no rule to read and no way to change it.

    LimaCharlie's agentic SOC-as-code works differently.

    Every rule and agent decision is fully inspectable. If an agent makes a call you disagree with, you can read the rule that triggered it, understand why, and change it.

    Three prebuilt configurations are available in LimaCharlie's public GitHub repo, each designed for a different stage of operational maturity:

    The Baselining SOC is built for noisy, newly onboarded environments that need FP suppression before real-time triage makes sense.

    The Lean SOC runs four agents through a full L1-to-L2 workflow with minimal overhead.

    The Tiered SOC mirrors a mature, full-featured SOC with specialist agents for malware analysis, threat hunting, and hourly SLA monitoring.

    All three can be running in an afternoon.

    Read the full breakdown, including per-alert cost models for each configuration: limacharlie.io/blog/using-agen

    #cybersecurity #secops #mssp #ai

  10. New from Ampyx Cyber: Build your OT SOC or MSSP stack with open-source tools like Security Onion, Wazuh & Malcolm. Timelines, cost ranges, templates, & training included. Start smart, scale fast.
    🔗 ampyxcyber.com/blog/building-b

    #INSM #OTsecurity #MSSP #ICS #SOC

  15. IBM's latest research validates our long-standing position: security platformization works, but MSSPs need the right approach to truly benefit.

    > Organizations with platforms took 72 fewer days to detect incidents and saw ROI four times better than non-adopters.

    > MSSPs need more flexibility to secure multiple client environments, higher visibility standards, and the ability to scale deployments quickly.

    > The "Salesforce for cyber" approach lacks customizability and is often provided by potential competitors to MSSPs.

    > Our SecOps Cloud Platform offers the same consolidation benefits plus flexibility, visibility, control, and freedom—without vendor competition.

    Learn how MSSPs can benefit from platformization: limacharlie.io/blog/mssp-and-t

    #cybersecurity #mssp #platformization

  18. A guide to choosing a SOC: what to look for

    Hi! My name is Mikhail Klimov, and I lead the SOC team at RED Security. I want to talk about choosing a SOC (Security Operation Center), a center for responding to information security (IS) incidents. The question is more relevant than ever: lately half of the Habr feed has been devoted to cyberattacks on businesses, and laws have been passed that toughen companies' liability for personal data leaks. Because of this, many chief information security officers are turning to the question of setting up processes for monitoring IS events in their infrastructure and responding to possible cyberattacks as quickly as possible. But how to choose the right SOC and settle on a delivery model is a separate question. I often see companies start building an in-house monitoring center, spend about a year on the project, and all that time their security stays at the same unsatisfactory level. Then they realize they cannot implement it on their own right now and end up turning to outsourcing. And conversely, after working with external SOC service providers for several years, they move to building an in-house monitoring center. So how do you determine the optimal delivery option for a particular company at a particular stage, so as not to waste time and resources moving by trial and error? Which is better: building your own response center or choosing one of the ready-made solutions from the many outsourcing service providers? In this post, my colleague Ilnaz Gataullin, technical lead of RED Security SOC, and I break down the options for organizing a SOC based on the needs and resources of the business.

    habr.com/ru/companies/ru_mts/a

    #информационная_безопасность #SOC #SIEM #threat_intelligence #mssp #кибератаки #мониторинг_безопасности #реагирование_на_инциденты #анализ_логов #защита_инфраструктуры