Automated Configuration Change Detection

By Daniel Carter

How important is File Integrity Monitoring?

This is a difficult question, because the answer may differ greatly depending on the status of your network. If you have a perfectly functioning network, you may say it is important, but not critical. However, if you have a device that is not working correctly, or even a suspected privacy leak, it becomes critical.

In both cases, the answer should be critical: prevention is always better than cure.

Every week there is a new report about a database that was compromised or a cryptocurrency miner that was installed unbeknown to anyone. One step in the prevention of these events is to monitor the files and folders that are critical to operations: directories such as C:\Windows\System32 or C:\Windows\Program Files on Windows, or /bin/ or /etc/ on Linux.

Open-AudIT Enterprise can automatically detect configuration changes in files or folders, using a query that ships with the software. As with every query available to Open-AudIT Enterprise users, it can be scheduled: you could have it run weekly, daily, hourly or even every 10 minutes if you need to. The process is straightforward to initialize and, if it is ever needed, you will look like a god for thinking of it in advance.
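To show what a scheduled change-detection pass does in principle, here is a minimal sketch added for illustration; it is not Open-AudIT's query or code. The function names `snapshot` and `compare`, the command-line arguments and the JSON baseline file are assumptions of this example.

```python
import hashlib
import json
import os
import stat
import sys


def snapshot(root):
    """Return {relative_path: (sha256_hex, permission_bits)} for regular files under root."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                st = os.lstat(full)
                if not stat.S_ISREG(st.st_mode):
                    continue  # skip symlinks, sockets and device nodes
                with open(full, "rb") as fh:  # whole-file read: fine for config-sized files
                    digest = hashlib.sha256(fh.read()).hexdigest()
            except OSError:
                continue  # unreadable, or removed while the scan was running
            state[os.path.relpath(full, root)] = (digest, stat.S_IMODE(st.st_mode))
    return state


def compare(baseline, current):
    """Classify every path that differs between two snapshots."""
    report = {"added": [], "removed": [], "modified": [], "mode_changed": []}
    for path in sorted(set(baseline) | set(current)):
        if path not in baseline:
            report["added"].append(path)
        elif path not in current:
            report["removed"].append(path)
        elif baseline[path][0] != current[path][0]:
            report["modified"].append(path)  # content hash differs
        elif baseline[path][1] != current[path][1]:
            report["mode_changed"].append(path)  # same content, new permissions
    return report


# Assumed usage: fim.py <directory> <baseline.json>
if __name__ == "__main__" and len(sys.argv) == 3:
    root, store = sys.argv[1], sys.argv[2]
    now = snapshot(root)
    if os.path.exists(store):  # later runs: report drift from the stored baseline
        with open(store) as fh:
            print(compare({k: tuple(v) for k, v in json.load(fh).items()}, now))
    else:  # first run: record the baseline
        with open(store, "w") as fh:
            json.dump(now, fh)
```

Run from cron or Task Scheduler at the chosen interval, this reports content changes separately from permission-only changes. Keep the baseline file somewhere the monitored host cannot write to, since a baseline that can be rewritten on the host detects nothing.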

This is just scratching the surface. For more information, a setup guide or to test this for yourself, follow the links below.