FIM

FIM stands for File Integrity Monitoring. It monitors critical system and application files for any modifications or changes, whether authorized or not. In addition to monitoring individual files, it can recursively check a whole directory for additions and deletions. FIM solutions also provide additional information about who made the changes, which can be useful for accountability.
Malware

Malware stands for malicious software, and nowadays it is mostly spread through drive-by downloads. The sources of malware have increased manifold, starting initially from extremely skilled developers and extending to Internet users, the “script kiddies”, who do not realize the extent of the damage or sometimes do not even know the target audience. Most anti-malware solutions are signature-based. Malware includes, but is not limited to, viruses, Trojan horses, worms and logic bombs. Even with an updated anti-malware solution in place, malware still causes a lot of concern in terms of the damage it does. The following are some of the types of malware and the reasons they are bound to get past anti-malware solutions:
- Virus Technologies: Viruses can propagate and infect in many different ways, including multipartite, stealth, polymorphic, and encryption techniques, to name a few. These techniques can easily evade anti-malware solutions that scan for their signatures.
- Logic Bombs: This malicious code lies dormant and hidden in the system and uses a trigger to activate. Hence, anti-malware solutions do not detect these as active threats.
- Trojan Horses: Trojans are programs that seem legitimate and also use a system’s regular naming convention. They may even pose as anti-malware programs.
- Zero-day Malware: These are the most dangerous, as their signature is either unknown to anti-malware vendors or end-users are slow to update their signature database.
- Hoaxes: Though these are not genuine malware, they do cause panic and interrupt regular business activities while a complete audit of one’s network is carried out.