Hello all,
I have been looking into how to implement Elastic Security most effectively to meet PCI requirements, and a snag I've run into with other tools is successfully implementing FIM in a Windows environment. I am not sure to what extent the Elastic agent is capable of doing this and would greatly appreciate some insight into how others have done it. I know you can utilize OSQuery to enable FIM (via inotify) pretty easily in Linux, but OSQuery for Windows has given me plenty of trouble in the past. Any thoughts?
I am also aware you can use Beats to enable the FIM module. This question is strictly pertaining to the agent.
Thank you!