cancel
Showing results for 
Search instead for 
Did you mean: 
tjl
Level 7

HIPS - any file integrity monitoring capability? (re: PCI DSS 11.5)

Hello,

I've got a client who is planning on deploying HIPS to a pile of workstations, but there is need to support file integrity monitoring for PCI DSS 11.5. My question is, does HIPS have the capability of alerting on file changes at all? In this case, we're looking at a basic Windows install for the most part, main payment applications are accessed via browser.

I understand that other products do this directly, but they're naturally reluctant to do more than required.

  Thanks!

0 Kudos
2 Replies
sudeepg
Level 10

Re: HIPS - any file integrity monitoring capability? (re: PCI DSS 11.5)

You can create custom signatures to block/log file/folder access/changes.

This can help you in monitoring the changes.

But incase you Block the c:\windows folder from any changes then you might run into issues when hotfix/patch/servicepack install happens.

So test thoroughly.

0 Kudos
tjl
Level 7

Re: HIPS - any file integrity monitoring capability? (re: PCI DSS 11.5)

Thanks Sudeep!

This client is investigating a few options, including some which will affect their patch management processes. This may not be the optimal solution, but it does provide them with one alternative.

  Tim

0 Kudos