Sandfly Security’s formal commercial launch of the company and latest release of its Agentless Linux Security solution is timely in a world faced with increasingly frequent, costly, and far-reaching cyberattacks. Linux is considered the “OS of the internet” and enables many IoT and other critical infrastructure services, but it remains an underserved, often underprotected, and misunderstood attack surface. Sandfly is on a mission to change that.
Sandfly is pleased to announce the addition of Paul Jespersen to its founding executive team. Jespersen joins as Vice President of Worldwide Sales and Business Development, responsible for establishing and growing the company’s revenue. He joins Sandfly from Stellar Cyber, where he was the founding VP of Sales and SVP Global Business Development and was a key force in the rapid growth of that company. Previously he was VP Business Development at Lastline, later acquired by VMware, and VP Business Development and Emerging Products at Comodo, as well as several other successful startup companies including Ocular Networks, acquired by Tellabs, and Timetra Networks, acquired by Alcatel. He started his career with US Robotics and Cisco Systems.
“I am thrilled to join Craig and the incredible team at Sandfly Security. Sandfly’s unique agentless technology is a real game changer for all kinds of Linux deployments, such as large enterprise and SaaS server farms, giving users unprecedented visibility and detections. With this latest release and company expansion we are excited to take our unique solution aggressively to market,” said Jespersen.
Sandfly Security is founded and led by Craig Rowland, CEO, who was previously a key contributor at Wheelgroup, and Founder, President, and CTO at Psionic, both acquired by Cisco. Craig started his career in cybersecurity working at the Pentagon for the Chief of Naval Operations and is a well-respected expert and thought leader on security topics including IDS and Linux security.
The key to Sandfly’s solution is its patented agentless technology that is designed and built specifically for Linux. “Linux is a generic term that means everything from massive cloud deployments down to simple embedded applications,” said Craig Rowland, CEO of Sandfly. “We created Sandfly to be agentless because traditional agent-based solutions face huge compatibility, performance, and stability hurdles covering all these platforms and use cases. We see many situations of unmonitored Linux and it can have serious consequences. Sandfly gives security teams a new way to address this problem and provide instant visibility, without deploying agents.”
Sandfly 4.0 introduces an updated UI look and workflow to its proven tactics hunter tool, as well as several key new features, including:
- SSH Hunter™: Gives users the ability to quickly track and identify issues with SSH keys. Sandfly lets users find SSH credential problems before they enable compromise.
- Enhanced eBPF rootkit and related activity detection: Sandfly has always proven to be an effective tool for detection and identification of eBPF and other rootkit issues. Now there are even more detections and process checks.
- MITRE ATT&CK framework mapping: Detections are mapped directly into the MITRE ATT&CK framework for easy identification and follow up.
- SIEM / SOC integrations: Seamless integration into Splunk, Elastic, and many other SIEM, XDR, and SOAR SOC platforms, including a Splunkbase app with Splunk CIM compatibility and full API support.
“There are so many critical systems and services running on Linux today. Sandfly allows for rapid deployments in incident response situations, since no agent or previous installation is necessary,” said Presley Prescott, founder and CTO of Loepre GmbH. “The new SSH Hunter feature increases the value of Sandfly even further by showing the relationship between keys, users, and hosts.”