File Integrity Monitoring Software

TrustRadius Top Rated for 2023

Top Rated Products

(1-5 of 5)

1
ManageEngine ADAudit Plus

ADAudit Plus offers real-time monitoring, user and entity behaviour analytics, and change audit reports that helps users keep AD and IT infrastructure secure and compliant.Track all changes to Windows AD objects including users, groups, computers, GPOs, and OUs.Achieve hybrid AD…

2
CrowdStrike Falcon

CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment…

3
Microsoft Defender for Cloud

Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for Azure, on-premises, and multicloud (Amazon AWS and Google GCP) resources.

4
Rapid7 InsightIDR

In addition to their incident response service, Rapid7 offers InsightIDR, a combined XDR and SIEM that provides user behavior and threat analytics.

5
Qualys TruRisk Platform

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and…

All Products

(1-16 of 16)

1
AlienVault USM

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises…

2
CrowdStrike Falcon

CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment…

3
ManageEngine ADAudit Plus

ADAudit Plus offers real-time monitoring, user and entity behaviour analytics, and change audit reports that helps users keep AD and IT infrastructure secure and compliant.Track all changes to Windows AD objects including users, groups, computers, GPOs, and OUs.Achieve hybrid AD…

4
SolarWinds Security Event Manager (SEM)

SolarWinds LEM is security information and event management (SIEM) software.

5
Microsoft Defender for Cloud

Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for Azure, on-premises, and multicloud (Amazon AWS and Google GCP) resources.

6
Qualys TruRisk Platform

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and…

7
Datadog

Datadog is a monitoring service for IT, Dev and Ops teams who write and run applications at scale, and want to turn the massive amounts of data produced by their apps, tools and services into actionable insight.

8
Rapid7 InsightIDR

In addition to their incident response service, Rapid7 offers InsightIDR, a combined XDR and SIEM that provides user behavior and threat analytics.

9
Varonis Data Security Platform

Varonis offers their Data Security Platform, a modular suite of data acess and data security products providing sensitive data discovery, data access governance, unusual behavior detection, GDPR compliance support, as well as incident playbooks and cybersecurity forensic reporting.…

10
Panzura Smart Apps

Smart Apps to Access, Enhance, Protect, & Monitor Data Panzura’s Smart App layer provides data management capabilities, enabling consolidation, simplification, and advanced ransomware protection eliminating the need for insecure 3rd party applications and services. Sync Securely…

11
Assuria ALM-FIM

ALM-FIM is a File Integrity Monitoring solution which is part of the same family of products as Assuria's ALM-SIEM forensic SIEM/Log Management solution. ALM-FIM collects and stores meta data about files, folders and registry keys (a.k.a. Nodes) in order to provide the monitoring…

12
Proofpoint Intelligent Data Classification

Proofpoint Intelligent Classification and Protection (formerly Dathena, acquired by Proofpoint in January 2022) is an AI-powered approach to identifying and classifying business-critical data. It provides actionable recommendations and helps accelerate enterprise DLP programs.

13
Tripwire File Integrity Monitoring

Tripwire File Integrity Monitoring (FIM) has the built-in capability to reduce noise by providing multiple ways of determining low-risk change from high-risk change as part of assessing, prioritizing and reconciling detected change. Auto-promoting countless business-as-usual changes…

14
Fidelis Halo
0 reviews

Fidelis Halo is a cloud security platform developed by CloudPassage and acquired by Fidelis Security in May, 2021. The solution continually inventories, assesses and monitors IaaS and PaaS assets and services, and provides multi-function security for cloud-hosted servers, bare metal…

15
OSSEC
0 reviews

OSSEC is a server intrusion detection for every platform. OSSEC is fully open source and free, and can be tailored to meet a business's security needs through its configuration options, adding custom alert rules and writing scripts to take action when alerts occur. The OSSEC+ edition,…

16
Netwrix Change Tracker

Netwrix Change Tracker is a security configuration management software that helps to secure critical IT systems and prove compliance. The tool highlights unauthorized changes that may indicate suspicious activities, enhancing risk management capabilities, and also to support security…

Learn More About File Integrity Monitoring Software

What is File Integrity Monitoring Software?

File Integrity Monitoring (FIM) Software detects changes to critical system files including directories and registries, executable files and packages, configuration files, and sensitive data files such as password files. These events could be indicative of hostile intrusions or unauthorized access which might result in illicit modifications of critical information. Updates to vital resources are compared to their trusted baselines. These changes are logged, and alerts are created for suspicious activity, enabling follow-up auditing, analysis, and remediation.

FIM software supports continuous or scheduled monitoring, reviewing credentials, update access and permissions, file contents, hash, and configuration values. it identifies which user initiated the changes. FIM software is also used to review installations to see if systems are running their most current software versions and whether relevant patches have been applied. FIM software monitors Windows, Linux, Unix, and macOS systems. FIM software is especially valuable for highly regulated industries such as finance and health care, and for companies with sensitive or proprietary data.

File Integrity Monitoring Software Features

File Integrity Monitoring Software includes many of the following features.

  • Detect file creation, modification, or deletion
  • Monitors files, folders, registry keys, packages, databases, and directories
  • Real-time monitoring
  • Continuous, scheduled, snapshot, or random monitoring times
  • Asset identification
  • Security policy templates for monitored resources
  • Custom security policies
  • Rule-based monitoring
  • Reputation databases
  • Baseline setting
  • Baseline and/or checksum integrity checking
  • Monitoring intelligence for suspicious activity
  • Alerting, recording, and reporting
  • Capture file path, hostname, cluster, user, time of the event, before and after images
  • Response and resolution tracking
  • Search: file, host, cluster, event type, priority, user, time range
  • Dashboards
  • Support Windows, Linux, Unix, macOS
  • Scalable
  • Local, remote, and cloud-based monitoring
  • On-premise, cloud-based, hybrid installations

File Integrity Monitoring Software Comparison

Consider the following when purchasing File Integrity Monitoring Software.

Security Suite vs. Standalone Products: FIM capabilities are often included in broader security suites such as Security Information and Event Management (SIEM), Intrusion Detection Systems, Log Management Tools, and Privileged Access Management Solutions. Stand-alone FIM software usually provides ready integrations with those solutions.

On-premises vs Cloud-based Installations: When appropriate for your environment cloud-based FIM solutions offer global reach, simplify implementation, and reduce the need for multiple point product installations and their potentially higher costs.

Platforms: Some FIM products can be installed on and support multiple operating systems, others will only support Windows or Linux/Unix.

Scalability: Depending on the size of your IT infrastructure, FIM can create a large amount of information to be reviewed. For enterprise-scale monitoring, your selection should provide the ability to narrow its focus to essential resources and critical updates.

Pricing Information

Most vendors recommend obtaining an FIM custom price quote based on your IT infrastructure and requirements. When FIM features are included as part of a larger security solution the cost is often bundled in with its other components. Free trials are available and there are free open-source options

Related Categories

Frequently Asked Questions

What is file integrity monitoring software?

File Integrity Monitoring (FIM) software provides IT security for operating systems, files, data, and applications by identifying suspicious changes to critical assets and creating alerts for follow-up investigation and remediation.

What are the benefits of using file integrity monitoring software?

File Integrity Monitoring (FIM) software helps protect against malware, data loss, and theft. The software accelerates the identification and remediation of compromised resources whether they occur through the actions of bad actors or by unintended updates or errors. Its intelligence capabilities identify which updates most likely constitute a threat, allowing IT staff to focus their efforts where needed. FIM facilitates cyber-attack investigations and helps demonstrate data security regulatory compliance.

How much does file integrity monitoring software cost?

Most vendors recommend obtaining a custom price quote based on your IT infrastructure and requirements. There are free open-source FIM software options. Free trials are available.