Sandfly 2.7.2 has been released. This is a bug fix release to address a performance issue.
In the last release Sandfly introduced more extensive process decloaking for stealth rootkits. The technique effectively decloaks many kinds of Linux Loadable Kernel Module (LKM) stealth rootkits hiding processes, but it also introduced a performance hit for process and other checks. Sandfly 2.7.2 introduces a fix that significantly boosts performance while keeping the same decloaking capability in place. We recommend customers upgrade to this version to ensure Sandfly runs at top speed.
How to Upgrade Sandfly
Sandfly is easy to upgrade. Please follow the instructions here:
Thank you for using our product.