File integrity monitoring (FIM) examines files and registries of operating systems and application software for changes that might indicate an attack. A comparison method is used to determine if the current state of the file is different from the last scan of the file. You can use this comparison to determine if valid or suspicious modifications were made to your files.
When you enable Defender for Servers, you can use FIM to validate the integrity of Windows files, your Windows registries, and Linux files.
Adaptive application controls (AAC)
Adaptive application controls are an intelligent and automated solution for defining allowlists of known-safe applications for your machines. When you’ve configured adaptive application controls, you get security alerts if any application runs other than the ones you defined as safe.
Leave a Reply