Sandfly 3.0 - Production Release and Licensing Changes
September 28, 2021
We’re pleased to make two major announcements today; firstly, the 3.0 version of Sandfly Security has moved from Beta to a production release.
Secondly, the Starter Edition now secures up to 500 Linux hosts on your network free of charge.
There are also two new paid versions of Sandfly, called Standard and Enterprise, with advanced features designed to suit both SMB and larger customers wanting to improve their Linux server security.
With the global increase in Linux malware and stealth rootkit attacks against Linux, we want to encourage people to scan their Linux hosts that aren’t checked today. Unmonitored Linux systems allow intruders to linger and dig deep into a network, where they can remain undiscovered for months or years. The Starter Edition can be used instantly to discover Linux intruders and malware on up to 500 hosts so all systems can be protected.
We also want to ensure that you are able to check these systems even if behind firewalls or segmented cloud deployments. The Starter Edition allows you to do this with support for SSH jump hosts and distributed scanning nodes that can work across cloud providers, network segments, remote offices and more.
Starter Edition is the full product with limitations on the number of alerts you can view at once and advanced features like automated response. In addition, all events are deleted after 24 hours versus the paid license and you will need to renew your license every 12 months - sign up for Starter Edition here.
This edition unlocks more features for full product functionality. Users can view unlimited results and those results have extended retention times. This edition includes Sandfly Hunter, our search engine to allow isolating and searching for forensic details across hosts. Also, it includes automated response capability, the ability to write custom sandfly threat hunting modules and unlimited users.
Standard Edition has a minimum monthly charge, which includes up to 20 hosts. Additional hosts can be purchased, up to 500 hosts. Above that you’ll require the Enterprise Edition license. Standard Edition pricing is available here.
Enterprise has all the features of Standard plus SOAR tool on-demand threat scanning, Splunk data connectors, ElasticSearch replication for unlimited event retention, and enterprise support. Enterprise Edition has a minimum monthly charge, which includes up to 20 hosts. Additional hosts can be purchased, with no limit on the number of hosts to be protected. For Enterprise pricing, please contact us.
Sandfly Edition Feature Comparison
|Hosts||500||20 hosts included||20 hosts included|
|Data Retention||24 hours||72 hours||72 hours|
|Ad Hoc Scan|