Videos
Using Elasticsearch and Kibana to Investigate Suspicious Linux Activity with Sandfly
May 28, 2020
In this video we’re going to show you how to use Sandfly with Elasticsearch Kibana dashboards to search for and investigate a suspicious…
Using Linux Process Environment Variables for Live Forensics
May 06, 2019
In this post and video we’re going to explore the Linux /proc directory further by digging into a live process and the environment variables…
The Advantages of Agentless Security and Intrusion Detection for Linux
March 07, 2019
In this video Sandfly founder Craig Rowland talks about agentless vs. agent based security for Linux. He’ll discuss why agentless approaches…
Using Command Line Tools to Find Process Masquerading Linux Malware
February 28, 2019
In this video Sandfly founder Craig Rowland goes over the basics behind using command line tools on Linux to look into a suspicious process…
Why You Must Monitor Linux for Signs of Intruders
February 21, 2019
When Sandfly Founder Craig Rowland was brought in to do his first penetration test many years ago, one of the first systems he broke into…
Hunting for Linux Intrusion Tactics is Better than Searching for Exploit Signatures
February 14, 2019
When the NSA and a couple years back, Sandfly founder Craig Rowland ignored the zero day attacks they had and studied their tactics in the…