Change happens, especially in IT environments. Systems and their configuration will be changed on a regular basis. With proper change management, these changes can be regulated.
File integrity monitoring is mainly focused on detection of change. Change management itself, is more a preventative tool. Combining both processes will result in better prepared changes, as there is a second layer to audit them.
Monitoring of file integrity can be done on several levels. One area is monitoring the file contents and attributes, similar to the functionality provided by tools like AIDE or Tripwire. Another level of monitoring files is at the kernel level, with technology like IMA/EVM. This even allows for blocking access to altered binaries.
Our file integrity module performs internal tests of file integrity, but especially leverages existing technologies. This way it does not replace your existing tools, but fully integrates. It helps configuring and measuring your implemented security defenses.