Continuous Monitoring For Compliance.
Real time visibility
So what is the alternative? Without doubt it would make far better security sense to be continually scanning for breaches – but vulnerability scanning is just too inefficient, too resource intensive and will never be the real-time breach detection solution needed. In contrast, real-time, continuous, change detection with file integrity monitoring (FIM) is low resource activity that can be run all the time and hence detect and alert breach activity within seconds of an incident.
The key difference is that, unlike the vulnerability scanner, the FIM process takes a one-time baseline of all system and configuration files. This will include registry settings, installed software, running processes and services, user accounts, security and audit policy settings; in other words, all the attributes that will reflect breach activity. From then on only changes will be tracked, which requires minimal resources. The result is continuous, real-time breach detection without the resource overhead and stop-start operation of the scanner.
To put it into context, with this approach the changes behind made by the malware at Target would have been picked up within minutes: enabling the company to investigate and save its reputation and bottom line.
Web Solution Texas is the largest IT company directory in the Lone Star state. Browse through regions and listing categories, and increase your network via our community.