Linux Security Podcast EP 2 on File Integrity Monitoring
File Integrity Monitoring is designed to notify you when files have changed on a system. It was one of the very first security detection capabilities in existence and is almost as old as passwords. FIM has also been incorporated into many regulatory and security protocols. Mike Shinn breaks down the core elements of FIM, how it evolved, where it falls short today, and how open source solutions like OSSEC provide new features that are a big step up from Tripwire and other legacy tools.