File Integrity Monitoring for Windows Using Elastic Agent

Hello all,

I have been looking into how to implement Elastic Security most effectively to meet PCI requirements and a snag I've run into with other tools is successfully implementing FIM in a Windows environment. I am not sure to what extent the Elastic agent is capable of doing this and would greatly appreciate some insight into how others have done it. I know you can utilize OSQuery to enable FIM (via iNotify) pretty easily in Linux, but OSQuery for Windows has given me plenty of trouble in the past. Any thoughts?

I am also aware you can use Beats to enable the FIM module. This question is strictly pertaining to the agent.

Thank you!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.