
Qualys FIM Boosts Windows Asset Protection With Granular Registry Monitoring

Qualys FIM now records detailed Windows registry events. This helps organizations spot and respond to unauthorized changes, bolstering their cybersecurity posture.


Qualys File Integrity Monitoring (FIM) has enhanced its capabilities to better protect Windows assets against cyber threats. The service now records granular details of registry event history, including who-data, offering organisations a more comprehensive view of activity within their systems.

Adversaries often exploit the Windows registry to hide configuration information and maintain persistence. To counter this, Qualys FIM now covers crucial registry objects, enabling it to detect unauthorized changes to critical functionality such as autoruns, boot sequences, and firewalls.

The service uses correlation rules to generate automated incidents for such unauthorized activity, which helps organisations quickly identify and respond to potential threats. Qualys FIM also offers a 'Monitoring Profile for Windows Registry Settings' to track these changes effectively.

Data from Qualys FIM can be exported to the ELK stack or integrated with Splunk for further correlation and analysis. This allows organisations to gain deeper insights into registry history and potential unauthorized activity.

With around 80 MITRE techniques/sub-techniques involving the Windows registry, it's crucial for organisations to monitor registry changes as part of their file integrity monitoring program. Qualys FIM's enhanced capabilities provide a robust solution for detecting and responding to unauthorized activity, helping organisations to better protect their Windows assets against attacks.
