Blog

Sandfly 2.8.2 – Over 1,000 Linux Compromise Detection Modules and More

January 20, 2021

Sandfly, Sandfly Update, Update

Sandfly 2.8.2 is here and features many upgrades including over 1,000 compromise detection and incident response modules for Linux. This…

Linux Malware Investigation Myth: You Don’t Need a Debugger

January 19, 2021

Linux Forensics

A big myth around investigating Linux malware is that the first tool you need is a debugger and deep knowledge of assembly to understand…

Investigating Linux Process File Descriptors for Incident Response and Forensics

January 07, 2021

Linux Forensics

Let’s talk about Linux file descriptors and how to investigate a malicious process using them. What Is a File Descriptor? Since the…

Sandfly 2.8.0 – Agentless Active Attack Response for Linux

November 17, 2020

Sandfly, Sandfly Update, Update

Sandfly 2.8.0 is released and features a major new upgrade allowing users to automatically respond to detected Linux attacks agentlessly. In…

Sandfly 2.7.2 – Performance Update

September 24, 2020

Sandfly, Sandfly Update, Update

Sandfly 2.7.2 has been released. This is a bug fix release to address a performance issue. In the last release Sandfly introduced more…

Getting In The Fight

September 04, 2020

Linux Malware, Malware, Sandfly

Let’s talk about how to be effective detecting intruders. Or what we at Sandfly Security simply call: Getting in the fight . First to lay…