File integrity monitoring (FIM) is essential for securing data and meeting compliance regulations. In particular, the Payment Card Industry Data Security Standard (PCI DSS) requires organizations to use FIM to help secure their business systems against card data theft by detecting changes to critical system files. This article explains these PCI DSS requirements and how to achieve compliance using FIM.

The benefits of a capable and properly deployed File Integrity Monitoring (FIM) solution are plentiful: And the importance of FIM cannot be understated. Let’s not forgot what the Center for Internet Security (CIS) says in its Distribution Independent Linux Benchmark version 2.0.0.

Change is prolific in organizations’ IT environments. Hardware assets change. Software programs change. Configuration states change. Some of these modifications are authorized insofar as they occur during an organization’s regular patching cycle, while others cause concern by popping up unexpectedly. Organizations commonly respond to this dynamism by investing in asset discovery and secure configuration management (SCM).

In order to maintain the integrity of a Windows file system, File Integrity Monitoring is applied to ensure no unauthorized changes are made to files, folders or configuration settings.

Within the FIM technology market, there are choices to be made. Agent-based or agentless is the most common choice, but even then there are both SIEM and ‘pure-play’ FIM, solutions to choose between.

If File Integrity Monitoring (FIM) were easy, everyone would be doing it. Actually, it is pretty easy. It’s not exactly rocket science. Practically anyone with a modicum of Python, Perl or development skills can write an app or a script to gather the checksum of a file, compare it to a list or baseline, and tell you whether or not said file has changed.

Securing AWS Fargate serverless workloads can be tricky as AWS does not provide much detail about the internal workings. After all… it’s not your business, AWS manages the scaling of underlying resources for you. :) While the security and stability of Fargate’s system is an inherent feature, Fargate follows a shared responsibility model, where you still have to take care of securing those parts specific to your application..

Imagine an arc. Not just any arc. A rainbow. When we think of a rainbow, it conjures impressions of color, inspiration and even supernatural characteristics. Does your cybersecurity program long for a magical pot of gold at the end of a rainbow? With all the moving parts of cybersecurity, sometimes it seems like we are merely chasing rainbows. However, it doesn’t have to be that way.

Integrity is a word thrown around a lot in the cybersecurity space. That’s not surprising. It is one of the three components that make up the CIA Triad, after all. However, the meaning and use of the word has been relatively limited in many security circles up until now. Let’s take a look at the security industry more broadly. In most conversations dealing with integrity, data security and File Integrity Monitoring (FIM) controls often end up being the primary focal areas.