Using Command Line Tools to Find Process Masquerading Linux Malware

February 28, 2019

Incident Response, Linux Forensics, Videos

In this video Sandfly founder Craig Rowland goes over the basics behind using command line tools on Linux to look into a suspicious process…

Why You Must Monitor Linux for Signs of Intruders

February 21, 2019


When Sandfly Founder Craig Rowland was brought in to do his first penetration test many years ago, one of the first systems he broke into…

Hunting for Linux Intrusion Tactics is Better than Searching for Exploit Signatures

February 14, 2019

Intrusion Detection, Linux Forensics, Videos

When the NSA and a couple years back, Sandfly founder Craig Rowland ignored the zero day attacks they had and studied their tactics in the…

Ninjas on Rooftops – A Better Approach to Linux Threat Hunting

February 12, 2019

Linux Forensics, Videos

Intrusion detection thought for the day: Someone trying to hide is a signature. In this video, Sandfly founder Craig Rowland discusses why…

Why You Should Be Searching for Linux Anti-Forensics

February 10, 2019

Linux Forensics, Videos

In this video Sandfly founder Craig Rowland discusses the importance of searching for Linux anti-forensic techniques on hosts you are…

1000 to 1 Rule of Intrusion Detection

February 08, 2019

Linux Forensics, Videos

This is the first in an ongoing series of short videos on topics around intrusion detection, Linux security, digital forensics, malware and…