Sandfly REST API Published
Sandfly rides on top a full featured REST API. Users can now access the REST API documentation below: Sandfly REST API Every aspect of Sandfly can be controlled through the API and integrated into your …
Linux Cryptomining Malware Podcast Interview
Sandfly founder Craig Rowland discusses Linux cryptomining malware on the Digital Forensics Survival Podcast with host Michael. They go over what this class of malware does, how it gets onto Linux systems, what to look for …
Sandfly 1.4.6 – Performance and Syslog Updates
Performance Updates Sandlfy 1.4.6 is released. This update adds significant performance increases to the backend enabling faster handling of a large number of hosts. Thanks to our agentless design, Sandfly was always able to scan …
Sandfly 1.4.4 – Mind your PIDness
Sandfly 1.4.4 Update Sandfly 1.4.4 is now released. We have added some new sandflies and broken out an older one to be more granular. Feature list: Sandflies to flag running processes under hidden subdirectories. Sandflies to detect malicious …
Sandfly Featured in the New Zealand Herald
Sandfly had a write-up about our company and inspiration: An annoying biting insect from Fiordland. Sandflies Keep Businesses Safe in the New Zealand Herald.
Agentless Incident Response Sandflies and More Stealth Rootkit De-Cloaking: Sandfly 1.4.2 Released
Sandfly 1.4.2 Update Sandfly 1.4.2 is now released. This version brings back the old “Recon” sandflies as “Incident” sandflies for use for Incident Response (IR) or those wanting to do spot checks on hosts for …
De-Cloaking Linux Stealth Rootkits, Whitelisting and UI Updates: Sandfly 1.4 Released
Sandfly 1.4 has been released. We now have capabilities to de-cloak data being hidden by common Linux loadable kernel module stealth rootkits. This capability works even when they are active and trying to evade detection. …
READ MOREDe-Cloaking Linux Stealth Rootkits, Whitelisting and UI Updates: Sandfly 1.4 Released
Why Agentless Security is Needed on Linux
When looking to secure Linux, you may be wondering: What is the main advantage of an agentless product like Sandfly over agent-based security solutions that exist? The answer is simple: It’s difficult for an agent-based …
Linux Malware Cryptominer Detection and Forensics
This year we have seen a huge uptick in cryptomining malware against Linux servers. The usual attack vector is the following: A brute force attack against SSH accounts. Automated install of a pre-compiled binary once …
Sandfly 1.3 Update
A new version of Sandfly has been released. Version 1.3 has the following changes: Container OS was switched from Alpine to Ubuntu Minimal for better compatibility and more up to date packages. TLS 1.1 has …