In the next two weeks we will be fully launching the EDR Live Discover for LINUX.
The capabilities on Linux are simply astounding, we have been busy creating the prebuilt queries and finishing the last bit of work before this is fully available.
In the video, Ethan Vince-Urwin, one of the core linux developers who has been building the features we all love takes the product for a test drive and shows off some of the power and simplicity of Live Discover for Linux.
Ethan shows how to use a query that leverages lenses to parse configuration files to check if the linux system allows password based authentication for root users over ssh. To top it off he then uses the Live Response feature (coming on Linux later this summer) to go fix the problem remotely and then run the query again to confirm the problem has been fixed.
Enjoy.