
Software Integrity Checks

Is it possible to conduct software integrity checks on in-scope components upon start-up, or at least once per day? Are there any tools available? Can we do it manually?

Comments

RE: Software Integrity Checks

There are many such tools. From the PCI DSS standard, these are called FIM (File Integrity Monitoring). The question is usually about the expense of the tool rather than whether it can be done. Linux has low-expense tools that are different than Windows. But, even with the sweat equity of Agile scripting projects, it is entirely possible to have a secure repository of SHA2 hashes that are compared by a timed batch job that runs once a day, or as part of the tool start-up sequence, to validate that the software and its critical configuration files have the same SHA2 hash today as they did at the last authorized production change. Template images in VMware for server deployments can be tested before deployment. Compliance requirements for configuration can be tested after deployment, either in self-checking or as a compliance service sweeping specific classes of servers: all in-scope Linux systems, all in-scope Windows 2012 servers, all in-scope Oracle databases, etc. For Red Hat Linux, a simple command might be: Redhat> sha256sum File_of_Interest
Don Turnblade, Energizer at 10/26/2017 12:26:24 PM

RE: Software Integrity Checks

Wikipedia even has a list of worthy vendors to consider. https://en.wikipedia.org/wiki/File_integrity_monitoring
Don Turnblade, Energizer at 10/26/2017 12:32:35 PM