Ninjas on Rooftops – A Better Approach to Linux Threat Hunting
February 12, 2019
Intrusion detection thought for the day: Someone trying to hide is a signature.
In this video, Sandfly founder Craig Rowland discusses why hunting for hiding tactics, rather than specific exploit signatures, is an effective way to find intruders on Linux. For this reason, Sandfly has a lot of investigation capability for finding malicious hiding activity and tampering on Linux.