Case Study: Large Retail Company contains a supply chain attack and avoids POS downtime with LimaCharlie

LimaCharlie Helps a DFIR Firm Respond to a Supply Chain Attack And Expand Their Business

A large retail company was hit by the SolarWinds supply chain attack and brought in a DFIR firm to investigate a suspected breach across its environment, including a networked POS system that couldn’t be taken offline. The incident response team used LimaCharlie’s self-serve security platform, including EDR/XDR and SASE capabilities, to rapidly deploy sensors and identify compromised endpoints.

Using LimaCharlie, the DFIR team scaled to more than 10,000 endpoints, performed memory dumps, found C&C activity, and contained the breach without disrupting store operations. They isolated POS systems, deployed remediation with Payloads, and hardened monitoring for future attacks; the engagement was contained in about 24 hours, and the relationship ultimately expanded into a long-term MDR account for the retail customer.