Sandfly is an agentless intrusion detection and incident response platform for Linux. Sandfly automates searching for hackers, malware, and suspicious activity on your Linux systems 24 hours a day. It features an extensive list of security checks to spot compromises and intrusions on Linux along with expert-level forensic evidence gathering to support incident response. Optionally, you can configure automated responses to deal with threats directly once detected.
Sandfly provides all of this without loading any software on your Linux endpoints, which makes it easy to deploy and reliable.
This guide will take you through setup and operation of Sandfly.