News
Sandfly 4.5.0 - Powerful New Expression Syntax
Sandfly 4.5.0 has received a massive capability upgrade with a new expression language syntax. This new upgrade greatly expands how our agentless threat hunting and incident response modules can be…
Sandfly 4.4.0 - Agentless Linux Password Auditing and Data De-Duplication
Sandfly 4.4.0 has two major new features we are excited about sharing: Agentless password auditor that works across all Linux distributions. De-duplicating events resulting in a 99%+ reduction in…
Sandfly 4.3.2 - Linux Loadable Kernel Module Rootkit Taint Detection
Version 4.3.2 of Sandfly incorporates various innovative techniques for identifying Linux kernel taint inconsistencies, which aid in uncovering stealth rootkit activity. Additionally, we have…
Sandfly 4.3.0 - Key Vault Integration, Process, SSH, and Persistence Attack Detection
Sandfly 4.3.0 features an external credential provider interface. Using our new integration you can get Sandfly to work with an external key vault such as Cyberark, Thycotic, Hashicorp and more. We…
Sandfly 4.2.3 - OpenSSL CVE-2022-3602 and CVE-2022-3786 Update
Sandfly 4.2.3 has been released and contains fixes for the OpenSSL CVEs announced on November 1, 2022: CVE-2022-3602 and CVE-2022-3786. Sandfly's core server and API is written in Go and the TLS…
Sandfly Security Code Audit and Continuous Monitoring
Sandfly is proactive about protecting the security of our customers and has recently completed an external code audit of our on-host forensic engines with no significant security issues. Further, all…