How It Works
Delivered through an agent and installed on your virtual servers/instances/workloads, FIM is designed to monitor critical OS files, configurations, and processes, as well as application files and related activities for potential indicators of compromise.
File integrity monitoring looks for:
- Changes to critical OS files and processes such as directories, registry keys, and values
- Changes to application files
- Rogue applications running on the host
- Unusual process and port activity
- System incompatibilities
FIM establishes a baseline by which future activities are compared against and applies standardized monitoring policies for each workload.