uses cookies for analytics and functionality purposes.To change your cookie settings or find out more, click here. If you continue browsing our website or close this banner, you accept these cookies.

What is File Integrity Monitoring (FIM)?

File integrity monitoring is the security technology invented by Tripwire that monitors and detects changes in your environment to detect and remediate cybersecurity threats.

FIM solutions monitor file changes on servers, databases, network devices, directory servers, applications, cloud environments, virtual images and to alert you to unauthorized changes.

{/* Straight Line */} {/* Circles */}




A strong file integrity monitoring solution uses change intelligence to only notify you when needed—along with business context and remediation steps. Look for detailed security metrics and dashboarding in your FIM solution.

FIM helps you meet many regulatory compliance standards like PCI-DSS, NERC CIP, FISMA, SOX, NIST and HIPAA, as well as best practice frameworks like the CIS security benchmarks.

File Change Detection

Every security breach begins with a single change. A small alteration to one file can expose your whole network to a potential attack. File integrity monitoring, in its simplest sense, is about keeping track of change from an established baseline and alerting you to any unexpected change that may represent a security risk or a compromise in regulatory compliance. Whether it’s a phishing scam, DDoS attack, malware, ransomware or insider threat, your FIM solution should alert you right away anytime a cybercriminal is penetrating your system.

Baseline Comparison

In order to know which file changes are relevant to your security, you must first establish an authoritative data integrity baseline. A FIM solution like Tripwire® File Integrity Manager will capture your system’s configuration baseline and deliver the “who, what and when” details of each relevant file change—without bogging you down in notifications about routine changes.

Automated Remediation

A FIM solution is only useful if it clearly communicates the steps you need to take once a suspicious change is identified. Once your FIM solution flags a suspicious change from your established security baseline, it should provide immediate steps for remediation. Automated FIM solutions help you return to your baseline quickly. Advanced FIM products can also integrate with other security solutions like log management, vulnerability management and security configuration management (SCM), as well as your DevOps tools.

Powerful FIM Should Be Your Security 101

Tripwire offers a range of future-ready cybersecurity solutions to help you protect your systems and your customer data. Contact us or get a demo to learn more about Tripwire Enterprise, Tripwire File Integrity Manager, and Tripwire ExpertOps—our security-as-a-service solution for small teams with big challenges.