File-Integrity-Monitoring
Security pros everywhere rely on SolarWinds Log & Event Manager for powerful, affordable, and efficient Security Information and Event Management (SIEM). Our All-In-One SIEM combines log management, event correlation, visualization, reporting, File Integrity Monitoring, USB defense, SQL database monitoring, and active response in a virtual appliance that's easy to deploy, manage, and use. We've designed our SIEM specifically for smaller security departments—providing the feature set you need without the complexity and cost.
  • Gain the power of SIEM without spending a fortune or hiring an army
  • Increase security visibility with 24x7 automated monitoring and real-time analysis
  • Obtain broader compliance support, stronger security intelligence, and a faster time to respond with embedded file integrity monitoring and active response
  • Tackle compliance, security, and insider threats with expert-developed, pre-packaged templates and automated log management
  • Perform rapid root cause analysis with built-in intelligence and strong visualization across networks, systems, applications, and security
Download a 30-day free trial now!

Why do you need File Integrity Monitoring?
Use File Integrity Monitoring (FIM) to detect and alert on changes to files, folders, and registry settings. Whether you need to monitor file changes to stay compliant with PCI, SOX, or HIPAA standards, or you simply want to ensure the security of your IT environment, Log & Event Manager can help check file integrity.
Benefits of File Integrity Monitoring
• Meet and demonstrate industry standard compliance such as PCI DSS, SOX, HIPAA, and more.
• Gain visibility into server and application change management.
• Provide security by detecting zero-day malware and Advanced Persistent Threats (APTs).
Compliance Requirements and Reporting
Many industry compliance standards require you to secure sensitive data and demonstrate how you have secured it. SolarWinds LEM can use file integrity monitoring to help meet these requirements by auditing key files and folders. SolarWinds LEM leverages agents installed locally on each server to audit access. You can easily demonstrate the security of this data by running out-of-the-box reports built around standards like PCI DSS, SOX, HIPAA, NERC CIP, FISMA, and SANS Critical Security Controls.

User-aware File Integrity Monitoring
System, Active Directory® (AD), and file audit events are correlated to obtain information on which user was responsible for accessing and changing a file. You can also identify other activities of the user before and after the file change for complete user activity monitoring. You can use this information to send an alert or run reports to review activity.

Zero-day Malware and APT Detection
Malware and APTs often access and modify local files. Therefore, by having a SIEM correlate logs from Anti-Virus and IDS/IPS with file audit events, you can detect APTs and malware. You can use SIEM's incident response actions to kill a malicious process or quarantine systems for complete endpoint protection.
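
The correlation described above, together with the user attribution from the previous section, as an added example (not SolarWinds LEM code or its event schema). The field names, hosts, users and events are constructed, and the five-minute window is an assumption.

```python
from datetime import datetime, timedelta

# Constructed sample events; field names are assumptions, not a LEM schema.
FILE_EVENTS = [
    {"time": "2024-05-01T10:00:05", "host": "srv01", "user": "CORP\\jdoe",
     "action": "modify", "path": r"C:\Windows\System32\drivers\etc\hosts"},
    {"time": "2024-05-01T10:30:00", "host": "srv01", "user": "CORP\\backup",
     "action": "modify", "path": r"C:\Data\report.xlsx"},
    {"time": "2024-05-01T10:00:20", "host": "srv02", "user": "CORP\\asmith",
     "action": "delete", "path": r"C:\Windows\System32\config\audit.log"},
]
DETECTIONS = [
    {"time": "2024-05-01T10:01:00", "host": "srv01", "source": "antivirus",
     "signature": "Constructed.Sample.Detection"},
    {"time": "2024-05-01T10:20:00", "host": "srv02", "source": "ids",
     "signature": "Constructed.Sample.Alert"},
]

def _ts(event):
    return datetime.fromisoformat(event["time"])

def correlate(file_events, detections, window=timedelta(minutes=5)):
    """Pair each AV/IDS detection with file changes on the same host
    that fall within +/- window of the detection time."""
    by_host = {}
    for fe in file_events:
        by_host.setdefault(fe["host"], []).append(fe)
    findings = []
    for det in detections:
        for fe in by_host.get(det["host"], []):
            if abs(_ts(fe) - _ts(det)) <= window:
                findings.append({
                    "host": det["host"], "user": fe["user"],
                    "path": fe["path"], "action": fe["action"],
                    "source": det["source"], "signature": det["signature"],
                    "delta_seconds": int((_ts(fe) - _ts(det)).total_seconds()),
                })
    return sorted(findings, key=lambda f: (f["host"], f["delta_seconds"]))

if __name__ == "__main__":
    for finding in correlate(FILE_EVENTS, DETECTIONS):
        print(finding)
```

Only the srv01 change made 55 seconds before the antivirus detection is reported; the later change on srv01 and the srv02 change fall outside the window and are dropped.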
Implementing File Integrity Monitoring
Implementing FIM with SolarWinds LEM is easy and does not require you to enable Windows® file auditing. Simply install the SolarWinds LEM agent and select the option to enable File Integrity Monitoring. When you choose to enable FIM, the agent installs all the necessary software. In the SolarWinds LEM web console, you can configure a connector to watch specific files, folders, or registry key value pairs for changes. For example, you can monitor the default Windows system folder on your machines to make sure no files are deleted. You can also use wildcard pattern matching to quickly specify a large set of files or file types based on their extension.
How to Check File Integrity
File Integrity Monitoring works by running an agent on the Windows computer that listens for system events. These events are generated by the operating system and monitored by the SolarWinds LEM agent. When pre-defined events occur, they are forwarded to the SolarWinds LEM server where you can run remediation actions, send alerts, or report on the file events.
Try It Yourself
You can monitor file integrity (and much more) when you download a free trial of Log & Event Manager. It's fully functional for 30 full days! We've designed our SIEM to be easy for smaller security departments to get up and running and fully functional for large companies. SolarWinds LEM provides the feature set you need without the complexity and cost. Download now!
