Sandfly 1.5.0 has been released with many new detection methods for Linux rootkits, malware and suspicious activity. The latest update expands on our already thorough intrusion detection and threat hunting net for Linux. This version …
IMPORTANT If your organization is experiencing a Linux breach you can contact us and we can help you with a trial license of Sandfly to help identify and contain the incident quickly. The manual steps below …
READ MORELinux Command Line Forensics and Intrusion Detection Cheat Sheet
Sandfly founder Craig Rowland did a presentation on the insider’s history of Intrusion Detection Systems at the Christchurch HackerCon. His slides are below and a video will be released when it is made available from …