Linux EDR nologin Shell Rename Backdoor Attack Detection and Forensics

  • Published 5 Dec 2024

COMMENTS • 4

  • @comosaycomosah 11 hours ago +1

    This channel should have so many more subs. You guys make great vids. I need to try your products; I haven't yet.

    • @SandflySecurity 5 hours ago

      Thanks. We will be posting many more videos. Please share and tell your friends. We have a free trial on the website if you want to use it.

  • @kevinpaulus4483 2 days ago

    Nice ... but you still need an exploit from which you can run root commands or escalate to root to replace the shell in the shadow passwd file (chsh) and change the non password to something legible (passwd). Do you have alerts of possible RCEs on vulnerable systems ... do you do continuous Nessus-like or nmap/NSE or ... other types of vulnerability scanning?
    Anyway ... quite an interesting product for an enterprise with a Linux environment.

    • @SandflySecurity 1 day ago +1

      Our philosophy is to assume anyone that gets on a Linux box is going to get root. There are many ways it can happen with bugs, misconfigurations, etc. We scan systems on a random basis for signs of attack but are not a vulnerability scanner. We specifically focus on compromise detection and agentless threat hunting. Many systems remain unpatched or open to attack and admins need an automated way to search out and identify hosts that have been compromised. Hope that helps.