Detecting Linux memfd_create() Fileless Malware with Command Line Forensics

Splunk App for Sandfly Agentless Intrusion Detection for Linux Now Available

Using Elasticsearch and Kibana to Investigate Suspicious Linux Activity with Sandfly

Sandfly 2.6.0 – Elasticsearch Replication, Linux Docker Container Security Scanning, Hidden Process De-Cloaking and More

Detecting Linux Kernel Process Masquerading with Command Line Forensics

Sandfly 2.5.2 – Scheduling Priority, Detecting Command Line Web Servers, Port Scanners and Kernel Thread Masquerading

Sandfly 2.5.0 – Higher Performance, SSH Key Certificates and More Linux Forensics

Sandfly 2.4.0 – Splunk Support, Reconnaissance, Process Injection Detection and Containers

How To Decloak Stealth Linux Cryptocurrency Mining Malware

Sandfly Filescan Open Source File Entropy Scanner for Linux

Sandfly 2.3.2 – Linux Packet Sniffer Detection and Faster Process Forensics

Sandfly 2.3 – Performance Updates, Elasticsearch 7 Support and More

Basic Linux Malware Process Forensics for Incident Responders

Sandfly 2.2 – Enhanced Web Shell Detection, Linux Anti-Forensics and More

Sandfly 2.1 Released