File Integrity Monitoring

File Integrity Monitoring (FIM) is an essential security control that, done properly, monitors and reports any change to the integrity of system and configuration files. Maintaining integrity is key because changes to files could represent a malware infection.

Malware will typically reside within an executable file or have some means of triggering a command or code. Malware will either embed itself within an existing file or create a new one masquerading as a legitimate inclusion.

NNT is quite simply the best and most effective FIM solution on the market today because it is the only one that combines inbuilt self-learning intelligence to determine the validity of activity with the world’s largest file whitelisting service to determine the authenticity of activity.

The result is a precision system that will sift through the mass of legitimate file changes and only alert you to those that may be potentially harmful. NNT puts the ‘I’ back in FIM!

Are all FIM solutions created equal? No!

No, not by a long way. In fact, many so called FIM tools will actually compound the issue by simply monitoring file activity, which will generate an enormous amount of change noise, making the task of identifying malicious activity even harder. You would almost be better off with nothing!

The critical element here, is the ability to determine which file activity is known, expected and harmless compared to that which is potentially dangerous or disruptive.

NNT is unique in that we combine forensic analysis and behavioral analytics with essential integrations with other trusted source information, such as the ability to determine whether or not the change was part of a planned change, matches an approved change manifest or is whitelisted and recognized good. To fully understand how, ask us for a demo and find out how to unleash the power of effective File Integrity Monitoring for your organization.

screenshot
screenshot
screenshot
screenshot
The reality of “traditional” FIM technologies is very apparent…

1

Traditional FIM technologies have no discerning way to determine and validate if a change is expected or unexpected. They just simply alert if a baseline has been changed.

Consequence – Without the ability to determine if change(s) are expected, authorized or non-malicious, an origination is essentially driving blind to risk of availability, compliance or security issues.

2

The velocity and volume of change on a daily basis is so great that IT personnel often discontinue using these traditional solutions because of the complexity to manage the amount of change called “noise”.

Consequence – If the problem of change “noise” is not addressed in a comprehensive manner as a critical detective control for mitigating the risk of downtime and security breaches, operational instability and exposure to breaches will continue to rise.

3

IT personnel have no way to validate and verify the authenticity of the individual files changing which introduces “integrity drift”. As the confidence of integrity diminishes, risk of downtime and security breaches increases!

Consequence - Integrity drift occurs when the proper detective controls ARE NOT in place to manage and reconcile observed changes with expected changes. This results in a decreased confidence and can leads to service availability issues, compliance problems or worse…a security breach.

NNT provides a state-of-the-art FIM solution that will maintain 100% confidence on a daily basis.

So What Makes NNT Different From Other FIM Solutions?

NNT puts the "I" in FIM!
NNT has introduced a number of revolutionary concepts into its suite of products giving FIM the “Integrity” element it is sadly absent in other ‘so called’ FIM solutions. It also solves the issue of “noise” and "integrity drift" while delivering the necessary manageability and scalability where traditional solutions fall short.

Noise Reduction

Noise Reduction
NNT has developed a unique intelligent change control technology which is proven to reduce change noise as much as 99% leaving only unknown, unwanted or unauthorized changes highlighted .

Integrity Drift

Prevent Integrity Drift
NNT has a white-list database of over 9 billion known and trusted files in its Fast Cloud Integrity Assurance product that can validate and verify the integrity and authenticity of system and application files in real-time.

Scalability/Manageability

Scalability/Manageability
NNT’s modern, componentized architecture can support at a minimum 10 times more devices with a single console than any competitive FIM solution. This solves the problem of having multiple consoles deployed to manage what a single NNT console can provide.

Continuous Compliance and Assurance

Continuous Compliance & Assurance
NNT can deliver continuous compliance in real-time...whatever the standards, regulations or policies. If systems deviate, NNT provides descriptive details on how to rectify the compliance requirement so the issue will no longer present itself.

NNT's FIM solution helps you to strengthen security in 4 key areas:

 

 

 

NNT provides a state-of-the-art FIM solution.
Traditional FIM and SIEM FIM simply won’t measure up!

White paper: Security Best Practices & FIM
icon
White paper: Threat Intelligence & FIM
icon
 
Additional FIM Resources

Without integrity you don't have security and without security you don't have trusted computing – Ron Ross, NIST

NNT Suite of Products

change tracker gen7r2 logo

Combine industry leading Device Hardening, File Integrity Monitoring, Change Control, Configuration Management & Compliance Management into one easy to use solution that can scale to the most demanding environments!

fastcloud logo

Automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology) Integrity Assurance.

log tracker logo logo

Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds.

vulnerability tracker logo

Continuously scan and identify vulnerabilities with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

Latest Resources

CIS

Access CIS Resources
Access a broad range of CIS Benchmark reports to audit your enterprise and continuously monitor for any drift from your hardened state.
Download Reports »

Server Hardening

Server Hardening Resources
Download Hardened Services checklists, derived by NNT in conjunction with Microsoft, to manually audit your servers for compliance.
Download Checklists »

Audit Policy

Audit Policy Template Resources
Gain access to audit policies derived from the Center for Internet Security to generate audit logs on all relevant security levels.
Download Audit Policies »

USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
1175 Peachtree St NE
Atlanta, Georgia, 30361.
Portland
4145 SW Watson, Suite 350
Beaverton, Oregon, 97005.

Tel: (844) 898-8358
email [email protected]
UK Office
New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire
AL5 2JD

Tel: 01582 287310
email [email protected]
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified IBM Security
Copyright 2019, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.