Where Sandfly Fits

Where Sandfly Fits

Sandfly Security is proud to be part of the

Vodafone Xone Accelerator Program

Sandfly was designed to work on everything from small to large Linux installs.

Many users of Linux have no endpoint monitoring at all. Our experience has shown that this is a tremendous mistake. Linux compromises happen just as regularly as they do with Windows. Yet, the results can be worse as Linux systems are often serving critical data directly to your customers or storing critical data for you. With no monitoring on your Linux hosts, an intruder can enter and cause extensive damage to your organization and reputation. 

With our agentless deployment, you can have Linux monitoring and know you are following best practices to protect your data against serious risks of theft or damage.

Use Cases

Customers Demand Security as Part of their Service


The lower cost and ease of use of the cloud still makes endpoint security the responsibility of the user. With Sandfly, it takes seconds to add cloud-based hosts and give them immediate protection. Sandfly was developed on cloud-based systems to ensure it would work without any hassles.


Sandfly can be quickly deployed to provide additional security monitoring to important services that keep your company network going. By providing a constant set of eyes on your Linux hosts, Sandfly makes your security team more effective so they can deal with real threats when they happen.


During a security incident, time is critical. Sandfly’s agentless technology can be deployed rapidly and help you investigate systems automatically to isolate and contain the situation. Sandfly’s automated investigation techniques assist incident responders with fast and reliable forensic information. 


Sandfly is completely self-contained. It sends no data back to us, and does not ship potentially confidential data from your systems off-site for analysis. Sandfly is designed to work on networks that are on the Internet, or those that are air-gapped. No data leaves the system to a third-party during operation that can compromise your security controls.