File Integrity Monitoring history, features, limitations and recent advances - Linux Security Podcast Ep. 2

Linux Security Podcast

English - April 26, 2018 02:30 - 15 minutes - 34.9 MB - ★★★★★ - 1 rating
Technology atomicorp cybersecurity endpointprotection linuxsecurity mikeshinn scottshinn waf Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed

Previous Episode: What is a Brute Force Attack? Linux Security Podcast Ep. 1

Next Episode: Meltdown and Spectre Vulnerabilities, the issue and countermeasures - Linux Security Podcast Ep. 3

File Integrity Monitoring is designed to notify you when files have changed on a system. It was one of the very first security detection capabilities in existence and is almost as old as passwords. FIM has also been incorporated into many regulatory and security protocols. Mike Shinn breaks down the core elements of FIM, how it evolved, where it falls short today, and how open source solutions like OSSEC provide new features that are a big step up from Tripwire and other legacy tools.