Linux Security

Advantages of Agentless EDR for Linux

BPFDoor Detection, Analysis, and Hunting Tactics on Linux

Linux Stealth Rootkit Hunting Video Presentation

Linux Stealth Rootkit Hunting Presentation

Linux Medusa Rootkit Detection and De-Cloaking

Sandfly Secures Vay's Remotely Driven Vehicle Fleet

Sandfly 5.5 - AI Linux Forensics Analysis Demo

SCTP Protocol Attack Risks on Linux

Detecting Packet Sniffing Malware on Linux

Eliminating Linux Security Blind Spots: Insights from the CISO Series Podcast

Detecting Bincrypter Linux Malware Obfuscation

Sandfly Wins Gold in the Cybersecurity Excellence Awards for EDR

Linux Password Hash Risks and Security Overview

SSH Lateral Movement Risks on Linux Webinar and White Paper

Detecting Melofee Stealth Backdoor Targeting Red Hat Linux

Rob Joyce Interview - Linux Critical Infrastructure Threats

De-Cloaking Linux Stealth Malware and Rootkits: sedexp, Diamorphine, and Reptile

Free Sandfly Linux Incident Response License

Evasive Linux Malware Detection Video Presentation (BPFDoor)

Defending Security Infrastructure Against Wild Weasels

Active vs. Dormant Attacks on Linux: Don't Neglect Either!

SSH Key Compromise Risks and Countermeasures

SSH Major Compromise Vector for Linux

Sandfly Linux File Entropy Scanner Updated

Leveling Up Your Linux Security

Log4j Kinsing Linux Stealth Malware in the Wild

Linux Stealth Rootkit Malware with EDR Evasion

Detecting CronRAT Crontab Malware on Linux

Linux Command Line Forensics and Intrusion Detection Cheat Sheet

Detecting and Investigating OpenSSL Backdoors on Linux

Linux Malware Investigation Myth: You Don’t Need a Debugger

Investigating Linux Process File Descriptors for Incident Response and Forensics

Getting In The Fight

Linux Stealth Rootkit Process Decloaking Tool – sandfly-processdecloak

Detecting Linux memfd_create() Fileless Malware with Command Line Forensics

Using Elasticsearch and Kibana to Investigate Suspicious Linux Activity with Sandfly

Detecting Linux Kernel Process Masquerading with Command Line Forensics

How To Decloak Stealth Linux Cryptocurrency Mining Malware

Sandfly Filescan Open Source File Entropy Scanner for Linux

Basic Linux Malware Process Forensics for Incident Responders

Using Linux utmpdump for Forensics and Detecting Log File Tampering

Getting an Attacker IP Address from a Malicious Linux At Job

Detecting and De-Cloaking HiddenWasp Linux Stealth Malware

How To Recover A Deleted Binary From Active Linux Malware

Using Linux Process Environment Variables for Live Forensics

The Advantages of Agentless Security and Intrusion Detection for Linux

Using Command Line Tools to Find Process Masquerading Linux Malware

Why You Must Monitor Linux for Signs of Intruders

Hunting for Linux Intrusion Tactics is Better than Searching for Exploit Signatures

Ninjas on Rooftops – A Better Approach to Linux Threat Hunting

Why You Should Be Searching for Linux Anti-Forensics

Christchurch HackerCon 2018 Presentation – Insider’s History of Intrusion Detection Technology

Why Agentless Security is Needed on Linux

Linux Malware Cryptominer Detection and Forensics

The Pyramid of Pain and Sandfly

Detecting Linux Binary File Poisoning

Christchurch Hacker Con 2017 Linux Forensics Slides

Linux Malware Persistence with Cron

Linux Command Line Forensics Presentation at Christchurch Hacker Con 2017

Christchurch Hacker Con Linux Digital Forensics Video