Sandfly detects many types of Linux stealth and non-stealth rootkits, Advanced Persistent Threats (APT), malware, website compromises, stolen credential access, and other attacks. Sandfly is persistent and thorough in monitoring Linux for malicious activity to give you an early alert that a compromise has happened.