Sandfly 3.0 - Production Release and Licensing Changes

September 28, 2021

Product Update

We’re pleased to make two major announcements today; firstly, the 3.0 version of Sandfly Security has moved from Beta to a production release.

Secondly, the Starter Edition now secures up to 500 Linux hosts on your network free of charge.

There are also two new paid versions of Sandfly, called Standard and Enterprise, with advanced features designed to suit both SMB and larger customers wanting to improve their Linux server security.

Free agentless security on up to 500 hosts.

Learn More

Starter Edition

With the global increase in Linux malware and stealth rootkit attacks against Linux, we want to encourage people to scan their Linux hosts that aren’t checked today. Unmonitored Linux systems allow intruders to linger and dig deep into a network, where they can remain undiscovered for months or years. The Starter Edition can be used instantly to discover Linux intruders and malware on up to 500 hosts so all systems can be protected.

We also want to ensure that you are able to check these systems even if behind firewalls or segmented cloud deployments. The Starter Edition allows you to do this with support for SSH jump hosts and distributed scanning nodes that can work across cloud providers, network segments, remote offices and more.

Starter Edition is the full product with limitations on the number of alerts you can view at once and advanced features like automated response. In addition, all events are deleted after 24 hours versus the paid license and you will need to renew your license every 12 months - sign up for Starter Edition here.

Standard Edition

This edition unlocks more features for full product functionality. Users can view unlimited results and those results have extended retention times. This edition includes Sandfly Hunter, our search engine to allow isolating and searching for forensic details across hosts. Also, it includes automated response capability, the ability to write custom sandfly threat hunting modules and unlimited users.

Standard Edition has a minimum monthly charge, which includes up to 20 hosts. Additional hosts can be purchased, up to 500 hosts. Above that you’ll require the Enterprise Edition license. Standard Edition pricing is available here.

Enterprise Edition

Enterprise has all the features of Standard plus SOAR tool on-demand threat scanning, Splunk data connectors, ElasticSearch replication for unlimited event retention, and enterprise support. Enterprise Edition has a minimum monthly charge, which includes up to 20 hosts. Additional hosts can be purchased, with no limit on the number of hosts to be protected. For Enterprise pricing, please contact us.

Sandfly Edition Feature Comparison

StarterStandardEnterprise
Hosts50020 hosts included20 hosts included
Max Hosts500500Unlimited
Alerts3UnlimitedUnlimited
Email Notifications1UnlimitedUnlimited
Syslog Notifications0UnlimitedUnlimited
Data Retention24 hours72 hours72 hours
Schedules1UnlimitedUnlimited
Jump HostsUnlimitedUnlimitedUnlimited
Named QueuesUnlimitedUnlimitedUnlimited
Custom Sandflies
Auto Response
Standard Support
Replication
Splunk
Ad Hoc Scan
Enterprise Support

Got questions about the new licensing?

Talk to an Expert

Let Sandfly keep your Linux systems secure.

Protect Hosts Now