File Integrity Monitoring


Change Management


Change happens, especially in IT environments. Systems and their configuration will be changed on a regular basis. With proper change management, these changes can be regulated.


File integrity monitoring is mainly focused on detection of change. Change management itself, is more a preventative tool. Combining both processes will result in better prepared changes, as there is a second layer to audit them.



File Integrity Monitoring


Monitoring of file integrity can be done on several levels. One area is monitoring the file contents and attributes, similar to the functionality provided by tools like AIDE or Tripwire. Another level of monitoring files is at the kernel level, with technology like IMA/EVM. This even allows for blocking access to altered binaries.



Lynis Enterprise: File Integrity Module


Our file integrity module performs internal tests of file integrity, but especially leverages existing technologies. This way it does not replace your existing tools, but fully integrates. It helps configuring and measuring your implemented security defenses.