What Is File Integrity Monitoring (FIM)?
File integrity monitoring is an integral cybersecurity control required by global compliance requirements like PCI DSS. Invented by the founder of Fortra's Tripwire, FIM enforces the integrity of digital systems by continuously monitoring for changes to files, operating systems, servers, endpoints, and more in real time — showing you what changed, when, and by whom, so you can stop security incidents in their tracks.
Why Is File Integrity Monitoring Important?
FIM enables you to remediate unauthorized changes, reduce overall risk, and maximize uptime.
Benefits of File Integrity Monitoring (FIM)
Detect changes in real-time
Identify exactly what changed and by whom
Determine which changes increase risk
Determine which changes result in non-compliance
Distinguish between authorized and unauthorized changes
File Integrity Monitoring Best Practices
Establish a Secure Baseline
Capture the “known good state” of your systems when properly configured so you can monitor for deviations
Monitor More Than Just Files
FIM ensures the integrity of much more than files: Use it to monitor for change in servers, operating systems, networks, endpoints, and more
Keep Security in Mind
It may be a critical part of compliance, but the heart of FIM is security; tracking real-time system changes empowers you to respond to potential breaches before damage is done
Notify the Appropriate Personnel
Alert fatigue makes it hard to pinpoint what needs your urgent attention, so choose a solution that shows the right info to the right people at the right times
Combine with Policy Management
Gain complete integrity control and continuous compliance with visibility into all changes that are suspicious or deviate from compliance
Save time by enforcing multiple compliance policies simultaneously in your integrity monitoring practice, and use a solution capable of custom policy creation
File Integrity Monitoring for Operating Systems (Windows vs. Linux)
In today's world, organizations are running on a variety of different operating systems. It's imperative to find a FIM solution with the flexibility to continuously monitor the operating systems you use today with room to grow. From AIX and Amazon to VMware and Windows, enforce FIM using your choice of operating systems.
Scalable Protection for Complex Environments
Whether you manage your data on-premises, fully in the cloud, or in a hybrid environment wherein both are used, Tripwire solutions bridge FIM across your entire environment. As the inventors of FIM, Tripwire can provide complete visibility into every change on your network.
Tripwire® Enterprise pairs the industry’s most respected FIM with security configuration management (SCM) to provide real-time change intelligence and threat detection. For the compliance officer, it delivers proactive system hardening and automated compliance enforcement—resulting in a reduction of audit cycles and cost.
Real-time change detection
Tripwire File Integrity Manager
Tripwire® File Integrity Manager is available for those who want the power of Tripwire FIM without the other features included in Tripwire Enterprise. It uses automation to detect system changes and to remediate those that take a configuration out of policy.
Real-time change detection
“Who, what, and when” change information
Change ticketing system integration
See Tripwire FIM in Action
Organizations with visibility into system changes are more effective at catching intruders and keeping systems online. See what’s going on across your entire IT infrastructure in a single pane of glass.
Watch the on-demand demo here or schedule a personalized demo.
Featured Case Studies
Learn how one global telecommunications company maintained SOX compliance and elevated its change management process with Tripwire Enterprise. Before introducing Tripwire into its environment, it was already taking advantage of ServiceNow to keep DevOps processes running at top speed. But they didn’t have an automated, reliable way to monitor change approvals and reconciliations. In addition to quickly seeing process improvements, the company can now identify application owners that aren’t following the change control process.
Electric Utility Organization
Western Farmers Electric Cooperative (WFEC) is a U.S. electric generation and transmission cooperative. Along with the need for NERC CIP compliance and FIM, WFEC needed a solution that would identify indicators of compromise and monitor for suspicious activity without causing service interruption. According to WFEC, “Tripwire is not resource-intensive the way anti-virus is. From my perspective, Tripwire does more than traditional antivirus does. It gives you more insight.”