corner
Solidcore
line
Solidcore top nav left cornerSolidcore InformationBlogRSS Feed | Solidcorecornerline

Corner
Whitelisting and File Integrity Monitoring Solutions
side line

For Security
For Compliance
For Availability

File Integrity Monitoring Solution

PCI Standards CouncilFile Integrity Monitoring (FIM) is the capability to monitor files and directories on a server for changes to content, permissions or both. Solidcore introduced its breakthrough “continuous” file integrity monitoring (CFIM) technology in 2005, which has been rapidly adopted by customers worldwide. Leading Qualified Security Assessors (QSAs), auditors and other experts have endorsed Solidcore’s continuous file integrity monitoring as a preferred solution for meeting Payment Card Industry (PCI) compliance and operational control requirements because of the following capabilities:

  • Detect all Changes: Solidcore continuous file integrity monitoring captures every single change to a file. Other products using a “scan-and-diff” technology may miss changes if more than one change happens to a file between scans.

  • Detect Transient Violations: Related to the first point, if a file is changed and changed back, scan-and-diff solutions will not be able to detect this violation. Solidcore continuous file integrity monitoring is able to catch all transient violations.

  • Disk and Memory Protection:  POS Check & Control protects critical applications, files, configurations, and directories from view, and from being altered or hijacked. While on disk or in memory, data can be protected from users and applications that do not have the authorization or credentials to view or make changes.

  • Rich Forensic Data:  Continuous file integrity monitoring from Solidcore is able to collect a comprehensive set of data, including the exact time when a change happened, who was logged into the machine when the change occurred, and what processes (like editors) were running.

  • Known vs. Unknown:  Scanning the entire system can consume system resources, so scan-and-diff solutions optimize a scan by looking for changes to specific files only. This approach can miss changes which are unknown, for example, if a patch introduced a new file or directory that was not added to the scan list. Solidcore continuous file integrity monitoring incurs very little overhead, thereby allowing monitoring of the entire system.

> Get the Continuous File Integrity Monitoring White Paper

 


Continuous File Integrity Monitoring White Paper
RESOURCES

. Datasheets
. White Papers
. Webinars
. Case Studies
. Videos

.
corner
corner
corner
Copyright © 2003-2009 McAfee, Inc. All Rights Reserved. | Terms of Use | Privacy Policy | Products | Solutions | Support | Resources | Company | Contact Us