White Paper
Meeting the True Intent of File Integrity Monitoring
As organizations struggle to pass compliance audits, they often overlook the true intent of the requirements spelled out in those regulations or standards. Lately, this has been the case for the requirement for file integrity monitoring, or FIM. Most organizations use FIM simply to check the checkbox, particularly for PCI requirement 11.5. But most complain that file integrity monitoring is no longer useful—that it just creates noise by capturing change data without providing any insights into whether a given change is good or bad.
In this paper, we discuss:
- What FIM is and its origins
- Why the reputation of FIM has become tarnished
- Confusion around the intent of FIM in PCI
- The capabilities a true FIM solution must have to protect data and improve security
Download this paper, and learn why true FIM still deserves a seat at the security table, and how you can make sure your FIM solution is a true FIM solution.
Related Tripwire Resources You Might Be Interested In:
- Reducing Federal Systems Risk with the SANS 20 Critical Controls Read
- Demo: Prevent, Detect and Correct IT Issues in Your Critical Infrastructure Watch
- 10 Steps for Early Incident Detection Read
- Extracting Business Intelligence from IT Security Data Watch
- From Compliance To Security: Making PCI Earn Its Keep Watch
- How a Growing Grocery Chain Turned Compliance Checkboxes into IT Security Watch
- SCM: The "Blocking and Tackling" of IT Security Read
- Security Configuration Management -- The Keys to the Digital Kingdom Watch
Sign In
to register for this White Paper