File Integrity Monitoring (FIM)
File integrity monitoring is a key component of any information security program. Changes to configurations and files across the network are common, but the few that impact file configuration integrity are often hidden within a large volume of daily changes. And despite every effort to maintain good access control, critical, static files will change on endpoints in your environment. Lacking awareness of access and changes to important system files, folders and registry keys can threaten file integrity. If core operating system and application files are compromised by malware or replaced with older, depreciated versions, new threats and vulnerabilities can make their way onto your technology assets. The potentially devastating consequences that follow such an event necessitate the need to know when files change, and the contextual information to understand why. Several compliance regulations require file integrity monitoring, including PCI DSS, HIPAA, and NERC SIP.
Cyber Shelter’s File Integrity Monitoring (FIM) solution is able to monitor remote file systems in real time, allowing you track and monitor file access and change throughout your entire network. It provides an essential early warning indicator of potential malicious activity and the presence of malware in the network environment. The solution leverages advanced intelligence capabilities by prioritizing events by criticality, thus reducing the amount of investigation customers must do regarding file changes, adds and deletes.
The solution that evolves as new threats arrive
The File Integrity Monitoring system can automatically correlate file system change information with other intelligence data to determine whether those changes are legitimate, or whether they point to operational or security problems within the environment. Cyber Shelter’s File Integrity Monitoring solution comes pre-populated with checks and pattern recognition for common problems and attacks, and its extensibility means it is always evolving as new threats arrive. This means that your file system environment is protected from zero day malware and advanced persistent threats.
The product’s user-aware interface allows you to holistically view user and file activity, and selectively monitor file views, modifications and deletions, and modifications, as well as group, owner and permissions changes. You can use built-in File Integrity Monitoring templates to audit key files, and generate out-of-the box reports to demonstrate compliance with standards like PCI DSS, SOX, HIPAA, NERC CIP, FISMA etc.