Sandfly Security
Agentless Linux EDR platform for threat detection and incident response.
Sandfly Security
Agentless Linux EDR platform for threat detection and incident response.
Data verified May 2026
ADYour product here. Reach security decision-makers.Launch a campaignSandfly Security Description
Linux
IOT Security
Critical Infrastructure
Anomaly Detection
IOC
Hunting
Rootkit
Workload Security
Cloud Native
MITRE Attack
Sandfly Security is an agentless Linux endpoint detection and response (EDR) platform designed for Linux environments ranging from cloud servers to embedded and IoT devices. Unlike traditional endpoint security tools, Sandfly operates without installing any agents on target systems. Instead, it connects to Linux hosts remotely to perform security checks, reducing compatibility risks and avoiding performance impacts on production systems. Core capabilities include: - Detection of known and unknown threats targeting Linux systems - Automated scanning for thousands of indicators of compromise (IOCs) - Incident response support for Linux environments - Coverage for a broad range of Linux deployments including cloud servers, telecommunications infrastructure, and embedded devices The platform is used in critical infrastructure environments globally, including telecommunications providers (in partnership with Ericsson) and cloud platforms (DigitalOcean). Ericsson integrates Sandfly's agentless EDR into its Ericsson Security Manager XDR solution. Sandfly is designed for organizations where installing endpoint agents is impractical or undesirable due to compatibility, operational continuity, or system sensitivity concerns. It aims to reduce false positives through Linux-specific detection logic rather than generic endpoint security approaches.
Sandfly Security FAQ
Common questions about Sandfly Security including features, pricing, alternatives, and user reviews.
Sandfly Security is Agentless Linux EDR platform for threat detection and incident response, developed by Sandfly Security. It is a Endpoint Security solution designed to help security teams with Linux, IOT Security, Critical Infrastructure.
Sandfly Security offers the following core capabilities:
1.Agentless Linux endpoint monitoring and scanning
2.Detection of known and unknown Linux threats
3.Automated scanning for indicators of compromise (IOCs)
4.Incident response support for Linux systems
5.Coverage for cloud servers, embedded devices, and IoT
6.Low-noise, Linux-specific detection logic to reduce false positives
Learn more at https://cybersectools.com/tools/sandfly-security
Sandfly Security is a commercial Endpoint Security solution. For detailed pricing information, visit https://sandflysecurity.com/ or contact Sandfly Security directly. View more details at https://cybersectools.com/tools/sandfly-security
Popular alternatives to Sandfly Security include:
1.AI EdgeLabs Host Platform Security - eBPF-based, AI-driven EDR for edge, containers, and critical infra. (Commercial)
2.Invary Runtime Integrity Solution - Kernel-level runtime integrity verification using NSA-licensed technology. (Commercial)
3.AhnLab EDR - EDR solution with behavioral analytics and MITRE ATT&CK mapping (Commercial)
4.Seqrite EDR - AI-driven EDR for threat detection, response, and investigation on endpoints (Commercial)
5.Somansa Privacy-i EDR - Next-gen antivirus & EDR with pattern/behavior detection engines (Commercial)
Compare these tools and more at https://cybersectools.com/categories/endpoint-security
Sandfly Security is for security teams and organizations that need Linux, IOT Security, Critical Infrastructure, Anomaly Detection, IOC. It's particularly suitable for enterprises requiring robust, commercial-grade security capabilities. Other Endpoint Security tools can be found at https://cybersectools.com/categories/endpoint-security
Have more questions? Browse our categories or search for specific tools.
