File Integrity Monitoring
File Integrity Monitoring (FIM) is a foundational control that involves analyzing operating system and application software files to determine if and when they have changed, how they changed and who made the change using a verification method between a current file state and a known baseline.
Over the past decade, FIM requirements have made their way into various compliance requirements including PCI-DSS, SOX (Sarbanes-Oxley Act), FISMA, HIPAA, SANS and other regulatory mandates with a "check the box mentality". The fact of the matter is that FIM alone as a detective control lacks additional functionality to guarantee continuous compliance and assurance on an ongoing basis.
Traditional FIM Solutions
Traditional FIM solutions take a very narrow look at Integrity and the unknown or unsuspecting consequence of “baselines” as they pertain to security breaches and checking the box of compliance mandates. They simply establish a baseline to determine if any additions, modification or deletions have been made to the target files or directories and alert on those changes.
NNT puts the "I" in FIM!
NNT has introduced a number of revolutionary concepts into its suite of products giving FIM the “Integrity” element it is sadly absent in other ‘so called’ FIM solutions. It also solves the issue of “noise” and "integrity drift" while delivering the necessary manageability and scalability where traditional solutions fall short.
NNT has developed a unique intelligent change control technology which is proven to reduce change noise as much as 99% leaving only unknown, unwanted or unauthorized changes highlighted .
NNT has a white-list database of over 9 billion known and trusted files in its Fast Cloud Integrity Assurance product that can validate and verify the integrity and authenticity of system and application files in real-time.
NNT’s modern, componentized architecture can support at a minimum 10 times more devices with a single console than any competitive FIM solution. This solves the problem of having multiple consoles deployed to manage what a single NNT console can provide.
NNT can deliver continuous compliance in real-time...whatever the standards, regulations or policies. If systems deviate, NNT provides descriptive details on how to rectify the compliance requirement so the issue will no longer present itself.
- Faster Detection Saves Orgs 70% in Data Breach Costs
- Threat Intelligence- Tell Me Everything, but Only What I Need to Know
- Implementing Layered Security to Protect Against Modern Malware
- File Integrity Monitoring: Your Last Line of Defense in Achieving PCI DSS Compliance
- Windows File Integrity Monitoring 101
- All File Integrity Monitoring Articles
- The 5 Stages of Compliance Audit Grief
- PCI DSS and File Integrity Monitoring Explained
- File Integrity Monitoring - The Last line of Defense in the PCI DSS
- All File Integrity Monitoring White Papers
- Triton Malware Found Inside Second CNI Facility
- Cybercriminals Outspend Organizations in Uphill Cybersecurity Battle
- Virginia Bank Hit by Coordinated $2.4M ATM Attack
- BEC Scams Costing Orgs Over $12 Billion in Losses
- U.S. Government Warns of North Korean APT Malware
- All file integrity monitoring blog posts
Combine industry leading Device Hardening, File Integrity Monitoring, Change Control, Configuration Management & Compliance Management into one easy to use solution that can scale to the most demanding environments!
Automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology) Integrity Assurance.
Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds.
Without integrity you don't have security and without security you don't have trusted computing – Ron Ross, NIST
Access CIS Resources
Access a broad range of CIS Benchmark reports to audit your enterprise and continuously monitor for any drift from your hardened state.
Download Reports »
Server Hardening Resources
Download Hardened Services checklists, derived by NNT in conjunction with Microsoft, to manually audit your servers for compliance.
Download Checklists »
Audit Policy Template Resources
Gain access to audit policies derived from the Center for Internet Security to generate audit logs on all relevant security levels.
Download Audit Policies »