Blog
Sandfly 2.8.2 – Over 1,000 Linux Compromise Detection Modules and More
January 20, 2021
Sandfly 2.8.2 is here and features many upgrades including over 1,000 compromise detection and incident response modules for Linux. This…
Linux Malware Investigation Myth: You Don’t Need a Debugger
January 19, 2021
A big myth around investigating Linux malware is that the first tool you need is a debugger and deep knowledge of assembly to understand…
Investigating Linux Process File Descriptors for Incident Response and Forensics
January 07, 2021
Let’s talk about Linux file descriptors and how to investigate a malicious process using them. What Is a File Descriptor? Since the…
Sandfly 2.8.0 – Agentless Active Attack Response for Linux
November 17, 2020
Sandfly 2.8.0 is released and features a major new upgrade allowing users to automatically respond to detected Linux attacks agentlessly. In…
Sandfly 2.7.2 – Performance Update
September 24, 2020
Sandfly 2.7.2 has been released. This is a bug fix release to address a performance issue. In the last release Sandfly introduced more…
Getting In The Fight
September 04, 2020
Let’s talk about how to be effective detecting intruders. Or what we at Sandfly Security simply call: Getting in the fight . First to lay…