videos Archives - Sandfly Security

The Advantages of Agentless Security and Intrusion Detection for Linux

March 7, 2019March 7, 2019

In this video Sandfly founder Craig Rowland talks about agentless vs. agent based security for Linux. He’ll discuss why agentless approaches are better for compatibility and stability on Linux. Plus, he’ll discuss why agentless security …

Using Command Line Tools to Find Process Masquerading Linux Malware

February 28, 2019February 28, 2019

In this video Sandfly founder Craig Rowland goes over the basics behind using command line tools on Linux to look into a suspicious process. You’ll learn how to start a benign process and have it …

Why You Must Monitor Linux for Signs of Intruders

February 21, 2019

When Sandfly Founder Craig Rowland was brought in to do his first penetration test many years ago, one of the first systems he broke into was a Unix system that had an uptime of four …

Hunting for Linux Intrusion Tactics is Better than Searching for Exploit Signatures

February 14, 2019February 14, 2019

When the NSA and CIA source code leaked a couple years back, Sandfly founder Craig Rowland ignored the zero day attacks they had and studied their tactics in the code instead. In this video he’ll …

Ninjas on Rooftops – A Better Approach to Linux Threat Hunting

February 12, 2019February 12, 2019

Intrusion detection thought for the day: Someone trying to hide is a signature. In this video, Sandfly founder Craig Rowland discusses why hunting for hiding tactics vs. specific exploit signatures is an effective way to …

Why You Should Be Searching for Linux Anti-Forensics

February 10, 2019February 10, 2019

In this video Sandfly founder Craig Rowland discusses the importance of searching for Linux anti-forensic techniques on hosts you are protecting. Anti-forensics are techniques many intruders and malware use on Linux hosts to conceal their …

1000 to 1 Rule of Intrusion Detection

February 8, 2019

This is the first in an ongoing series of short videos on topics around intrusion detection, Linux security, digital forensics, malware and anything else Sandfly Founder Craig Rowland finds interesting. Be sure to subscribe to …

Detect Linux Loadable Kernel Module Stealth Rootkits Agentlessly with Sandfly

May 30, 2018April 27, 2018

Watch Sandfly’s agentless intrusion detection and threat hunting technology detect a Linux stealth rootkit. Sandfly automates the investigation and alerting of Linux rootkit compromises so you can respond quickly to threats. Hunt for rootkits. Don’t …