Automated Configuration Change Detection

Why File Integrity Monitoring Is Critical

How important is File Integrity Monitoring? This is a difficult question because depending on the status of your network you may have very different answers. If you have a perfectly functioning network, you may say it is important, but not critical. However, if you have a device that is not working correctly or even a suspected privacy leak, this becomes critical.

For both cases, the answer should be critical -- prevention is always better than cure. Every week there is a new report about a database that was compromised or a cryptocurrency miner that was installed unbeknown to anyone.

Monitoring Critical Directories

One step in the prevention of these events is to monitor files and folders that are critical to operations, directories such as C:\Windows\System32 or C:\Windows\Program Files on Windows, or /bin/ or /etc/ on Linux.

How Open-AudIT Enterprise Helps

Open-AudIT Enterprise can automatically detect configuration changes in files or folders -- this is a query that ships with the software. With every query for Open-AudIT Enterprise users, this can be scheduled: you could have this run weekly, daily, hourly, or even every 10 minutes if you need to.

The process is straightforward to initialize, and if it is ever needed, you will look like a god for thinking of it in advance. This is just scratching the surface of what is possible with automated change detection.

Related reading: File and Folder Audit and Automation