Blog - Page 5 of 5 - Sandfly Security

Christchurch Hacker Con 2017 Linux Forensics Slides

June 6, 2018May 30, 2018

The slides for Craig’s talk on command line Linux Forensics from the 2017 Christchurch Hacker Con can be found here: Christchurch Hacker Con 2017 Linux Digital Forensics Presentation The slides cover using basic command line …

Sandfly Documentation Now Online

May 30, 2018May 30, 2018

We have posted the Sandfly documentation online for customers and those interested in reading about how to operate the product. Sandfly can help you work through a security incident by automatically pulling over forensic information …

Sandfly 1.1.11 Updates

May 29, 2018May 28, 2018

Sandfly 1.1.11 is now available. This release has many new Sandflies that detect the following Linux threats: Greatly enhanced process forensics data. Malicious and suspicious process environment capture. Ability to see the IP address of …

Linux Malware Persistence with Cron

May 2, 2018May 2, 2018

If malware is anything at all, it’s persistent. On Linux, just like Windows, malware once loaded wants to stay loaded. On Windows systems this is usually done with a variety of registry mechanisms. For Linux …

Detect Linux Loadable Kernel Module Stealth Rootkits Agentlessly with Sandfly

May 30, 2018April 27, 2018

Watch Sandfly’s agentless intrusion detection and threat hunting technology detect a Linux stealth rootkit. Sandfly automates the investigation and alerting of Linux rootkit compromises so you can respond quickly to threats. Hunt for rootkits. Don’t …

Linux Command Line Forensics Presentation at Christchurch Hacker Con 2017

April 27, 2018April 27, 2018

Craig Rowland presented last October at the Christchurch HackCon on the topic of using basic command line tools for Linux forensic investigation. His talk focused around using built-in command line tools and careful observation to …

Sandfly 1.1.4 Updates

April 27, 2018April 27, 2018

Sandfly 1.1.4 is available. Includes 10 new sandflies to expand Linux stealth rootkit detection, process anti-forensics, log file tampering, suspicious user activity, and process masquerading attacks.

Christchurch Hacker Con Linux Digital Forensics Video

May 30, 2018April 19, 2018

The video of Craig’s talk at the Christchurch Hacker Con has been posted to YouTube. This video covers the slides posted here on the blog which includes using basic Linux command line tools for intrusion detection …

Hello, World – Sandfly 1.1 is now available

April 19, 2018

After much time coding and testing, we are pleased to announce that Sandfly 1.1 is now released. Sandfly is an agentless security investigator and compromise detection system for Linux. With Sandfly you can have an …

Sandfly Blog