#mssp — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #mssp, aggregated by home.social.
-
Most AI SecOps vendors ship a fixed platform: the architecture, the workflows, the pricing model are all decided for you.
LimaCharlie's position has always been the opposite. Build the capabilities and the value first, then give operators the freedom to modify, assemble, and build on top of them however their operation requires.
That extends all the way up the stack, from automated agents to deployable AI SOCs you define and run across thousands of tenants as infrastructure as code.
Your toolkit, built on real SecOps infrastructure.
See how it works: https://limacharlie.io/
-
Token-based billing sounds reasonable until you run the numbers at MSSP scale.
With thousands of tenants, variable alert volumes, and no predictable ceiling on monthly AI costs, that model doesn't just create budget problems, it makes AI operationally impossible to commit to.
ASW pricing is structured differently: a flat monthly fee per analyst, covering everything they need. No per-token math, no worst-case scenarios to hedge against, no surprises when a tenant has a bad week.
Predictable costs are what make it possible to actually build AI into how you run a SOC, not just pilot it.
Explore pricing at http://limacharlie.io/pricing
-
Most tools that give you deep forensic flexibility weren't built for enterprise scale. And most enterprise tools weren't built by people who actually work incidents.
John Strand, Owner of Black Hills Information Security, says LimaCharlie is the exception.
During an active incident, the BHIS SOC can pull the telemetry and data they need quickly, without query caps, unnecessary clicks, or waiting.
LimaCharlie delivers security as composable, API-first primitives, giving teams full control over how they collect, query, and act on telemetry. All of it normalized to a single JSON format, stored free for a rolling year, and queryable when it matters most.
Learn more: https://limacharlie.io
-
Today at 10am PT / 1pm ET, we're showing what running a SOC on Claude Code looks like in production.
LimaCharlie CEO Maxime Lamothe-Brassard is walking through live demonstrations inside the Agentic SecOps Workspace, covering:
> Detection triage end-to-end, from alert to case
> Composable agent stacking: triage, false positive baselining, and threat intel
> The lc-agents repo: fork, extend, or contribute your ownJoin the session: https://limacharlie.wistia.com/live/events/n78fkyeer5?utm_campaign=webinar+SOC+operations&utm_source=Mastodon&utm_medium=social
-
Two days until we show what a SOC built on infrastructure-as-code actually looks like in production.
After RSAC, the questions kept coming: how do the agentic operations actually work, and what does it look like beyond the demo?
This session is built for security engineers and MSSP operators who want those answers.
This Wednesday at 10am PT, LimaCharlie CEO Maxime Lamothe-Brassard covers the composable agent architecture, the SOC as IaC model, and the open-source lc-agents repo.
Add it to your calendar: https://limacharlie.wistia.com/live/events/n78fkyeer5?utm_campaign=webinar+SOC+operations&utm_source=mastodon&utm_medium=social
-
The security vendors racing to build proprietary AI models are solving the wrong problem.
Models aren't the bottleneck. The platform is.
Six months from now, the models available to your team will be dramatically better than what exists today. The question is whether your security infrastructure can actually use them.
LimaCharlie doesn't compete in the model race. We built the platform so any model can access 100% of platform capabilities through the same APIs your analysts use.
That parity is what makes the next layer possible: automated agents, and eventually deployable AI SOCs that run as a collection of agents across thousands of tenants at once.
Register for our next AI SecOps Workshop, where we'll use Claude Code with LimaCharlie to deploy agents, build detections, and catch issues before they become incidents: https://limacharlie.wistia.com/live/events/oz9xzr9fk3?utm_campaign=ai+workshop+cloudops+4+2026&utm_source=mastodon&utm_medium=social
-
Most security vendors lock you into capacity-based pricing.
You commit to a number, and you pay for it whether you use it or not. For MSSPs managing customers that scale up and down, that spend adds up fast.
LimaCharlie works differently, with no contracts, no capacity planning, and no price modelling. You pay only for what you use.
For Black Hills Information Security, that means onboarding and offboarding customers quickly without overpaying.
John Strand points out this isn't just an MSSP or small business problem. Large enterprise customers run into the same issue, and the financial impact can be significant.
Estimate your deployment cost with our pricing calculator: https://limacharlie.io/pricing-calculator
-
One message came through clearly at RSAC: security teams want infrastructure they can control, extend, and own. Not another black box AI SOC product with no visibility into how decisions are made.
LimaCharlie's open-source AI triage agents are built for that.
Each agent is a self-contained, installable unit with defined scope, permissions, and behavior, running on real SecOps infrastructure and deployable on demand.
On April 8th at 10am PT / 1pm ET, LimaCharlie CEO and founder Maxime Lamothe-Brassard walks through the architecture live and demonstrates what it actually looks like to run full SOC operations on Claude Code.
-
Alert triage is a reasonable place to start with AI. It is not a reasonable place to stop.
Most of what slows down security service providers has nothing to do with triage.
It's the onboarding that takes multiple days. The cross-tenant configuration work nobody wants to touch. The detection rules that need to be written, tested, and deployed across fifty environments.
Vendor AI addresses one use case at a time, which means a separate product, a separate workflow, and a separate wait for the next release.
ASW takes a different approach.
Give it hundreds of tools, describe the outcome you want, and it finds a way to get there. That's not a feature. That's a fundamentally different way of getting value from AI, across the whole operation, not just the alert queue.
Watch the full keynote: https://www.youtube.com/watch?v=QS0DzO2rNJw
-
Eventus Security Strengthens Global Presence with 3 Cybersecurity Awards Wins
#TycoonWorld #EventusSecurity #GlobalInfoSecAwards2026 #CyberDefenseMagazine #RSAC2026 #CyberSecurityAwards #AIinCybersecurity #ManagedSecurityServices #MDR #MSSP #SOCaaS #CyberDefense #InfoSec #TechAwards #SecurityInnovation #CyberResilience #ThreatIntelligence #ManagedXDR #DigitalSecurity #EnterpriseSecurity #CyberProtection -
Eventus Security Strengthens Global Presence with 3 Cybersecurity Awards Wins
#TycoonWorld #EventusSecurity #GlobalInfoSecAwards2026 #CyberDefenseMagazine #RSAC2026 #CyberSecurityAwards #AIinCybersecurity #ManagedSecurityServices #MDR #MSSP #SOCaaS #CyberDefense #InfoSec #TechAwards #SecurityInnovation #CyberResilience #ThreatIntelligence #ManagedXDR #DigitalSecurity #EnterpriseSecurity #CyberProtection -
Per-alert AI pricing makes AI a non-starter for most service providers.
A hundred alerts a day per tenant, multiplied across dozens of clients, priced per token. The math always comes out wrong.
For MSSPs, that's not just a cost center problem. Getting the economics wrong doesn't just hurt margins, it stops AI adoption entirely.
Agentic SecOps Workspace (ASW) changes that equation. Connect through Claude Code, and AI costs shift from a variable tied to alert volume to a predictable monthly rate per analyst. One tenant spiking doesn't take your margins with it.
Because LimaCharlie's API covers 100% of platform functions, the scope of what that analyst can do expands well beyond triage.
Onboard new clients, write and deploy detection rules, and manage cross-tenant configurations, all in the same session.
LimaCharlie doesn't charge for AI. It's part of the platform.
Get started at http://limacharlie.io
-
Spie ICS déploie une offre de cybersécurité opérée depuis Grenoble et adossée à 60 agences en France
Au Forum InCyber 2026, Spie ICS exposera une chaîne de cybersécurité articulée de l’audit initial au…
#Grenoble #FR #France #Actu #News #Europe #EU #actu #Actualités #Auvergne-Rhône-Alpes #collectivites-locales #cybersecurite #europe #MSSP #Républiquefrançaise #SecNumCloud #socmanagé #spieics
https://www.europesays.com/fr/823032/ -
https://www.europesays.com/fr/823032/ Spie ICS déploie une offre de cybersécurité opérée depuis Grenoble et adossée à 60 agences en France #actu #Actualités #AuvergneRhôneAlpes #CollectivitesLocales #cybersecurite #EU #europe #FR #France #Grenoble #MSSP #News #RépubliqueFrançaise #SecNumCloud #SocManagé #SpieIcs
-
Custom detection rules mean nothing if you're not validating them continuously.
Our Atomic Red Team module is built into the platform and documented publicly, no hidden features, no black box.
For John Strand, Owner of @blackhillsinfosec, that level of transparency was the deciding factor.
The BHIS SOC treats validation as an ongoing practice, not a one-time check.
They run a lot of custom rules and need to know those rules are firing properly on a continuous basis, not just at the next pen test or the next incident. Having Atomic Red Team built directly into the platform makes that possible.
Since making the switch, BHIS can now handle roughly twice the customer load with the same staff.
Watch the full interview: https://www.youtube.com/watch?v=stHEBb-iiys&t=3s
-
Most AI SOC products hide the logic.
Workflows are fixed, customization requires a support ticket, and when an agent makes a decision you disagree with, there's no rule to read and no way to change it.
LimaCharlie's agentic SOC-as-code works differently.
Every rule and agent decision is fully inspectable. If an agent makes a call you disagree with, you can read the rule that triggered it, understand why, and change it.
Three prebuilt configurations are available in LimaCharlie's public GitHub repo, each designed for a different stage of operational maturity:
The Baselining SOC is built for noisy, newly onboarded environments that need FP suppression before real-time triage makes sense.
The Lean SOC runs four agents through a full L1-to-L2 workflow with minimal overhead.
The Tiered SOC mirrors a mature, full-featured SOC with specialist agents for malware analysis, threat hunting, and hourly SLA monitoring.
All three can be running in an afternoon.
Read the full breakdown, including per-alert cost models for each configuration: https://limacharlie.io/blog/using-agentic-soc-as-code-to-right-size-your-ai-operations
-
Running a multi-tool SOC as an MSSP means constantly solving for integration.
Every best-of-breed product your team trusts has to communicate, correlate, and feed into a single view of the customer environment.
For Black Hills Information Security, that centralized layer is LimaCharlie.
LimaCharlie pulls telemetry from across their stack and, for BHIS, the integration experience has been a dream.
Since making the switch, BHIS cut their cost per endpoint by more than half and can now handle roughly twice the customer load with the same staff.
Watch the full interview: https://www.youtube.com/watch?v=stHEBb-iiys&t=3s
-
Jensen Huang poured $10 billion into CUDA over a decade when no market existed for it. Investors called it a waste. He called it inevitable.
The same pattern is visible in SecOps today.
OpenClaw's rapid adoption despite known security vulnerabilities shows demand for operational AI has already outpaced the platforms built to govern it.
That gap between demand and safe infrastructure is exactly where market disruptions live.
Most AI in the SOC occupies the advisory lane: parsing logs, surfacing alerts, handing next steps back to an analyst.
LimaCharlie's Agentic SecOps Workspace was built on a different premise: AI should be a governed operator, not a consultant.
Because the platform is API-first, agents access every platform function with the same permissions model applied to human analysts, full audit trails, and fine-grained access controls that define exactly what each agent can read, write, and execute.
Organizations that build on foundations designed for autonomous operation now will hold the same structural advantage Nvidia held when the AI boom arrived.
Read the full post: https://limacharlie.io/
-
Ah, the classic quest for the holy grail of MSSPs. 🔍 Choose from 94 indistinguishable acronyms, each promising to save your digital bacon with more #buzzwords than a Silicon Valley pitch deck. 🤖 Spoiler: they're all "top-rated" and "trusted worldwide" — just like every other security solution you've already been tricked into buying. 💼 #Innovation!
https://msspproviders.io/ #MSSP #Cybersecurity #Innovation #DigitalSolutions #TechTrends #HackerNews #ngated -
Ah, the classic quest for the holy grail of MSSPs. 🔍 Choose from 94 indistinguishable acronyms, each promising to save your digital bacon with more #buzzwords than a Silicon Valley pitch deck. 🤖 Spoiler: they're all "top-rated" and "trusted worldwide" — just like every other security solution you've already been tricked into buying. 💼 #Innovation!
https://msspproviders.io/ #MSSP #Cybersecurity #Innovation #DigitalSolutions #TechTrends #HackerNews #ngated -
Ah, the classic quest for the holy grail of MSSPs. 🔍 Choose from 94 indistinguishable acronyms, each promising to save your digital bacon with more #buzzwords than a Silicon Valley pitch deck. 🤖 Spoiler: they're all "top-rated" and "trusted worldwide" — just like every other security solution you've already been tricked into buying. 💼 #Innovation!
https://msspproviders.io/ #MSSP #Cybersecurity #Innovation #DigitalSolutions #TechTrends #HackerNews #ngated -
Ah, the classic quest for the holy grail of MSSPs. 🔍 Choose from 94 indistinguishable acronyms, each promising to save your digital bacon with more #buzzwords than a Silicon Valley pitch deck. 🤖 Spoiler: they're all "top-rated" and "trusted worldwide" — just like every other security solution you've already been tricked into buying. 💼 #Innovation!
https://msspproviders.io/ #MSSP #Cybersecurity #Innovation #DigitalSolutions #TechTrends #HackerNews #ngated -
How Do You Choose a Managed Security Service Provider (MSSP)?
#HackerNews #ManagedSecurityServiceProvider #MSSP #Cybersecurity #ITSecurity #SecurityManagement
-
MSSPs onboarding new customers face a fragmented process where EDR deployment, cloud log ingestion, and data source configuration each require separate workflows across multiple sessions and tools.
The Agentic SecOps Workspace (ASW) executes complete onboarding as a unified workflow in minutes.
One request handles endpoint and cloud visibility together. MSSPs get complete tenant coverage without coordinating separate deployment workflows or switching between tools.
Learn more: http://limacharlie.io
-
For MSSPs, standing up a fully configured tenant manually takes hours before a client environment is operationally useful.
Claude Code and LimaCharlie compress that entire process into a single prompt. The tenant gets created, the full Sigma community ruleset gets deployed, Git Sync gets enabled, and a linked GitHub repository gets stood up automatically.
Every configuration is versioned from day one and replicable across every subsequent client.
This works because Claude Code has full access to LimaCharlie, not just a summarized view of it. It provisions, configures, and manages infrastructure directly rather than generating instructions for an analyst to follow.
Full breakdown: https://limacharlie.io/blog/spin-up-a-configured-tenant-in-minutes-with-agentic-ai-security
-
Most EDR vendors eventually make a choice: optimize for large enterprise or stay flexible enough for MSSPs.
John Strand explains what drove Black Hills Information Security to make the switch: multi-tenant architecture built for the MSSP model, licensing that adjusts with workload, and agents light enough that customers stop complaining.
On their previous platform, customers were seeing 70% CPU spikes and asking for uninstalls. On LimaCharlie, utilization sits between 2 and 4%.
Since making the switch, BHIS cut their cost per endpoint by more than half and can now handle roughly twice the customer load with the same staff.
Watch the full interview: https://www.youtube.com/watch?v=stHEBb-iiys&t=3s
-
Most security teams spend days on MITRE ATT&CK coverage analysis. Manual queries, aggregated data, hundreds of techniques cross-referenced by hand.
LimaCharlie's Agentic SecOps Workspace does it in minutes through natural language prompts: inventory orgs and sensors, analyze EDR detections against ATT&CK techniques, and export a full gap analysis as an HTML report.
The reason AI can operate at that speed: LimaCharlie's API covers 100% of platform functions. Agents access the same capabilities as your security engineers, so nothing has to route through a human analyst first.
Full breakdown: https://limacharlie.io/blog/mitre-attack-coverage-analysis-with-agentic-ai-security
-
Multi-cloud onboarding is one of the most time-consuming parts of bringing on a new customer. Authenticating into several environments, discovering data sources, deploying sensors one platform at a time.
LimaCharlie's Agentic SecOps Workspace (ASW) handles the entire sequence from a single prompt.
Our latest blog walks through exactly how Claude Code onboards a new tenant with infrastructure across AWS, Azure, GCP, and DigitalOcean in about 16 minutes:
> Authenticates into each cloud CLI without manual intervention.
> Discovers available data sources across all four environments.
> Deploys EDR sensors across the infrastructure.This is what separates operational AI from advisory AI. Most AI SOC tools would summarize the onboarding checklist and hand it back to an analyst. The ASW executes it.
The bring-your-own-LLM model matters here too. Because every platform function is accessible via API, AI agents work with the same capabilities as your security engineers. There's no separate layer sitting on top of the platform with limited context and fragmented access.
Read the full post: https://limacharlie.io/blog/onboard-multi-cloud-environments-with-agentic-ai-security
-
MSSPs need to hunt for IOCs across their entire customer base quickly. Checking for a suspicious IP, hash, or domain across hundreds or thousands of tenants means querying each environment individually and manually compiling results.
The Agentic SecOps Workspace (ASW) executes parallel IOC hunts across all tenants in minutes.
The agent enumerates tenant organizations, launches simultaneous searches across all environments, executes workflows per tenant, aggregates results, and reports matches with first/last seen timestamps, affected organizations, sensors, and occurrence counts.
Security teams see IOC presence across their entire customer base from a single query.
Learn more: http://limacharlie.io
-
For MSSPs, understanding who has access across your entire customer infrastructure becomes hours of manual work across multiple tenants.
The Agentic SecOps Workspace (ASW) delivers fleet-wide user visibility in minutes.
The agent discovers all organizations, identifies online endpoints across tenants, validates which systems support user collection, executes enumeration on eligible endpoints, and compiles active user accounts into a comprehensive view.
One request generates the foundational intelligence needed for security investigations, insider threat analysis, or access reviews across your entire customer base.
Fleet-wide visibility without manual tenant switching or data compilation. The agent operates across your infrastructure the same way an analyst would, just faster and at scale.
Book a demo: http://limacharlie.io
-
Join us this Wednesday at 10am PT / 1pm ET to see how leading MSSPs are scaling without adding headcount.
The constraint on MSSP growth has never been customer acquisition. It's how many customers your experienced analysts can effectively serve.
Agentic automation changes that. Junior analysts now handle complex investigations, customer onboarding happens in minutes, and detection engineering across hundreds of tenants becomes a natural language conversation.
See the Agentic SecOps Workspace in action:
> L1 analysts completing multi-tenant investigations with full visibility
> Automated detection engineering and reporting across your customer portfolio
> Natural language interfaces for configuration management
> IaC workflows that accelerate onboarding -
https://www.wacoca.com/games/1317857/ 自分たちの写真を使って某名作カードゲームのインスパイア版で遊んでみた!【ナ⚫ジャモ⚫ジャ】 ##GAMING #Game #GameNews #games #GamingNews #MSSP #アナログゲーム #ゲーミング #ゲーミング最新情報 #ゲーム #ゲーム実況 #ゲーム攻略 #ゲーム最新情報
-
The constraint limiting MSSP growth isn't customer acquisition. It's how many customers your senior analysts can effectively serve.
Agentic automation changes that equation.
Join us February 11th at 10am PT / 1pm ET for a live demo of the Agentic SecOps Workspace (ASW).
We'll show how leading MSSPs make junior analysts as effective as senior staff, completing complex investigations in a fraction of the time.
You'll see:
> L1 analysts handling L2-level investigations with full visibility
> Automated detection engineering and reporting across your entire customer portfolio
> Natural language interfaces for complex multi-tenant operations
> IaC approaches that eliminate repetitive onboarding work -
Почему нельзя построить эффективный SOC за месяц и плошку риса
«Давайте быстро развернем SOC» — подобные запросы от руководства компаний учащаются после каждой громкой кибератаки. Возникает иллюзия, что центр мониторинга безопасности можно легко создать за пару недель. Но так ли это? Или дело не в SOC, а в том, кто именно его запускает? На связи Денис Иванов, руководитель по развитию центра мониторинга информационной безопасности в Бастионе. На практике я часто сталкиваюсь с подобными заблуждениями насчет SOC: заказчики путают его с SIEM, не понимают, когда нужен собственный центр мониторинга, а когда — готовая услуга. В статье разберу, почему сформировалось такое искаженное представление о SOC, с какими типичными ошибками сталкиваются компании при его создании и какие подходы действительно работают.
https://habr.com/ru/companies/bastion/articles/979914/
#облачный_SOC #mssp #облачный_SOC_vs_внутренний #зачем_нужен_свой_SOC #сколько_стоит_свой_SOC #inhouse_SOC_или_MSSP #security_operations_center #центр_мониторинга_безопасности #минусы_внутреннего_SOC #информационная_безопасность
-
Киберустойчивость госсектора: ужесточение законов и еще больше ИИ
На дворе конец 2025 года, и мы продолжаем украшать нашу киберёлку подводить киберитоги и делиться киберпрогнозами. Мы уже вглядывались в кибершторм, оценили ландшафт киберугроз , направленных на Россию в целом. Заглянем в госучреждения и законодательные акты.
https://habr.com/ru/companies/pt/articles/978964/
#кибератаки_на_объекты_кии #госсектор #госсопка #законы_в_it #законодательство_и_itбизнес #фстэк_россии #киберинциденты #кибериспытания #mssp #отечественное_по
-
Киберустойчивость госсектора: ужесточение законов и еще больше ИИ
На дворе конец 2025 года, и мы продолжаем украшать нашу киберёлку подводить киберитоги и делиться киберпрогнозами. Мы уже вглядывались в кибершторм, оценили ландшафт киберугроз , направленных на Россию в целом. Заглянем в госучреждения и законодательные акты.
https://habr.com/ru/companies/pt/articles/978964/
#кибератаки_на_объекты_кии #госсектор #госсопка #законы_в_it #законодательство_и_itбизнес #фстэк_россии #киберинциденты #кибериспытания #mssp #отечественное_по
-
Киберустойчивость госсектора: ужесточение законов и еще больше ИИ
На дворе конец 2025 года, и мы продолжаем украшать нашу киберёлку подводить киберитоги и делиться киберпрогнозами. Мы уже вглядывались в кибершторм, оценили ландшафт киберугроз , направленных на Россию в целом. Заглянем в госучреждения и законодательные акты.
https://habr.com/ru/companies/pt/articles/978964/
#кибератаки_на_объекты_кии #госсектор #госсопка #законы_в_it #законодательство_и_itбизнес #фстэк_россии #киберинциденты #кибериспытания #mssp #отечественное_по
-
Киберустойчивость госсектора: ужесточение законов и еще больше ИИ
На дворе конец 2025 года, и мы продолжаем украшать нашу киберёлку подводить киберитоги и делиться киберпрогнозами. Мы уже вглядывались в кибершторм, оценили ландшафт киберугроз , направленных на Россию в целом. Заглянем в госучреждения и законодательные акты.
https://habr.com/ru/companies/pt/articles/978964/
#кибератаки_на_объекты_кии #госсектор #госсопка #законы_в_it #законодательство_и_itбизнес #фстэк_россии #киберинциденты #кибериспытания #mssp #отечественное_по
-
Malta-born congregation ordains first Filipino priest
-
Cybereason Acquired by MSSP Giant LevelBlue https://www.securityweek.com/cybereason-acquired-by-mssp-giant-levelblue/ #Acquisition #M&ATracker #Cybereason #LevelBlue #MSSP #MA
-
Cybereason Acquired by MSSP Giant LevelBlue https://www.securityweek.com/cybereason-acquired-by-mssp-giant-levelblue/ #Acquisition #M&ATracker #Cybereason #LevelBlue #MSSP #MA
-
Cybereason Acquired by MSSP Giant LevelBlue https://www.securityweek.com/cybereason-acquired-by-mssp-giant-levelblue/ #Acquisition #M&ATracker #Cybereason #LevelBlue #MSSP #MA
-
Cybereason Acquired by MSSP Giant LevelBlue https://www.securityweek.com/cybereason-acquired-by-mssp-giant-levelblue/ #Acquisition #M&ATracker #Cybereason #LevelBlue #MSSP #MA
-
ENISA and European Commission Launch €36 Million EU Cybersecurity Reserve to Strengthen Digital Resilience https://thecyberexpress.com/enisa-and-commission/ #EUCybersecurityReserve #TheCyberExpressNews #TheCyberExpress #JuhanLepassaar #FirewallDaily #CyberNews #ENISA #MSSP