Blog - Page 5 of 7 - Sandfly Security

Sandfly 1.4.6 – Performance and Syslog Updates

October 18, 2018October 18, 2018

Performance Updates Sandlfy 1.4.6 is released. This update adds significant performance increases to the backend enabling faster handling of a large number of hosts. Thanks to our agentless design, Sandfly was always able to scan …

Sandfly 1.4.4 – Mind your PIDness

September 20, 2018September 20, 2018

Sandfly 1.4.4 Update Sandfly 1.4.4 is now released. We have added some new sandflies and broken out an older one to be more granular. Feature list: Sandflies to flag running processes under hidden subdirectories. Sandflies to detect malicious …

Sandfly Featured in the New Zealand Herald

September 13, 2018September 13, 2018

Sandfly had a write-up about our company and inspiration: An annoying biting insect from Fiordland. Sandflies Keep Businesses Safe in the New Zealand Herald.

Agentless Incident Response Sandflies and More Stealth Rootkit De-Cloaking: Sandfly 1.4.2 Released

September 4, 2018September 4, 2018

Sandfly 1.4.2 Update Sandfly 1.4.2 is now released. This version brings back the old “Recon” sandflies as “Incident” sandflies for use for Incident Response (IR) or those wanting to do spot checks on hosts for …

De-Cloaking Linux Stealth Rootkits, Whitelisting and UI Updates: Sandfly 1.4 Released

August 28, 2018August 28, 2018

Sandfly 1.4 has been released. We now have capabilities to de-cloak data being hidden by common Linux loadable kernel module stealth rootkits. This capability works even when they are active and trying to evade detection. …

Why Agentless Security is Needed on Linux

August 22, 2018August 21, 2018

When looking to secure Linux, you may be wondering: What is the main advantage of an agentless product like Sandfly over agent-based security solutions that exist? The answer is simple: It’s difficult for an agent-based …

Linux Malware Cryptominer Detection and Forensics

July 31, 2018July 26, 2018

This year we have seen a huge uptick in cryptomining malware against Linux servers. The usual attack vector is the following: A brute force attack against SSH accounts. Automated install of a pre-compiled binary once …

Sandfly 1.3 Update

July 23, 2018

A new version of Sandfly has been released. Version 1.3 has the following changes: Container OS was switched from Alpine to Ubuntu Minimal for better compatibility and more up to date packages. TLS 1.1 has …

Linux File Masquerading and Malicious PIDs – Sandfly 1.2.6 Update

July 5, 2018

Sandfly 1.2.6 Released This version of Sandfly has many internal performance improvements. Some sandfly checks have been sped up over 50%. We have also added a variety of new sandfly checks, some of which are …

Sandfly Blog