What is Capsule8, now part of Sophos?
Capsule8, now from Sophos (acquired 2021), provides attack protection for enterprise Linux, whether containerized, virtualized, or bare metal. It is an EDR solution the vendor presents as performant, purpose-built Linux detection that protects against threats, provides consistent visibility, and ensures availability for production infrastructure in hybrid multi-cloud environments regardless of workload.
Capsule8 provides teams with detection, monitoring and response designed to embed seamlessly into Linux systems – regardless of environment. By using Capsule8, the vendor states, teams have the visibility needed to help them detect incidents, and investigate and protect against unwanted behavior, without adding operational risk or cost.
Detections include: Malware Targeting Linux, Memory Corruption, New File Behavior, Unusual Application Behavior, Suspicious Interactive Shell, Container Escapes, Kernel & Userland Backdoors, Privileged File Operations, Network Discovery, Lateral Movement, Process Injection, System Discovery, Scheduled Task Changes, Compiler Usage, Privileged Command Usage and Risky Developer Activity.
Technical Details
| Mobile Application | No |
|---|---|