File Integrity Monitoring

Ensure the integrity of sensitive files.

Simplify and strengthen your organization's security, audit and compliance postures.

Employing steady-state monitoring to ensure the integrity of sensitive files is more than just a security best practice; for many organizations, it is a regulatory mandate as well. By combining File Integrity Monitoring (FIM) with Log Management,  the ControlScan Log Monitoring and Management Service allows your business to simplify and strengthen its security, audit and compliance postures.

User-Aware File Integrity Monitoring

ControlScan’s holistic approach allows security personnel to be notified when files are created or key files are viewed, deleted or modified, and when group ownership of files is changed.

For selective monitoring, The ControlScan Log Monitoring and Management Service adds granular controls and filters that can select specific files and either perform scans at desired intervals or operate in real time mode for continuous protection. File-level behavior can then be correlated to additional security and audit activities to investigate potentially harmful network activity.

The service supports policy-based FIM that allows multiple policies to be assigned to the same endpoint, reducing ongoing management as policies are updated. For example, individual policies can be created for Linux Operating System files and Directories, Web Application Servers and DNS Servers.

When the Web Application Servers and DNS Servers are running on a Linux Host, all three FIM policies will be combined. FIM multi-policy support ensures that FIM policies are assigned to the appropriate assets and that changes to those policies are propagated across the environment.

Fully Integrated with Log and Event Management as well as Endpoint Monitoring and Control

  • Addresses 80 different control requirements of the PCI DSS.
  • Sends contextualized alerts whenever confidential data is viewed, modified or deleted.
  • Provides a complete set of forensic data for rapidly identifying the root cause of security breaches.

Monitors All Types of Files

  • Includes executables; configuration, content, log, audit, web and database files; point-of-sale systems and more.
  • Granular controls ensure that each monitored file is scanned at the desired frequency.
  • Real-time FIM provides specific details about which user viewed, modified, or deleted specific files.


  • Supported on Windows, Unix and Linux systems.
  • Can be deployed on both desktops and servers.
  • Simplified policy support with the ability to assign multiple FIM policies to the same host.