Product Update

Sandfly 4.3.2 - Linux Loadable Kernel Module Rootkit Taint Detection

Product Update
March 20, 2023

Version 4.3.2 of Sandfly incorporates various innovative techniques for identifying Linux kernel taint inconsistencies, which aid in uncovering stealth rootkit activity. Additionally, we have…

Sandfly 4.3.0 - Key Vault Integration, Process, SSH, and Persistence Attack Detection

Product Update
January 23, 2023

Sandfly 4.3.0 features an external credential provider interface. Using our new integration you can get Sandfly to work with an external key vault such as Cyberark, Thycotic, Hashicorp and more. We…

Sandfly 4.2.3 - OpenSSL CVE-2022-3602 and CVE-2022-3786 Update

Product Update
November 01, 2022

Sandfly 4.2.3 has been released and contains fixes for the OpenSSL CVEs announced on November 1, 2022: CVE-2022-3602 and CVE-2022-3786 . Sandfly's core server and API is written in Go and the TLS…

Sandfly Security Code Audit and Continuous Monitoring

Product Update
October 23, 2022

Sandfly is proactive about protecting the security of our customers and has recently completed an external code audit of our on-host forensic engines with no significant security issues. Further, all…

Sandfly 4.2 - Automatic Host Discovery and Faster Than Ever

Product Update
October 12, 2022

Sandfly 4.2 has been released and features a new automatic host discovery for cloud and DHCP environments. Plus, it has been significantly optimized to be more than twice as fast with lower CPU…

Sandfly 4.0 - SSH Credential Auditing and eBPF Rootkit Detection

Product Update
July 27, 2022

Sandfly 4.0 has been released and includes our powerful new SSH key and credential auditing feature: SSH Hunter. This new feature allows you to track SSH key usage across your Linux fleet…