FIM

FIM tracks changes to files and directories on systems by comparing current state against a known-good baseline. Unexpected modifications to system binaries, configuration files, or security-sensitive directories can indicate compromise or unauthorized change.

FIM is a compliance requirement for PCI DSS and is commonly implemented in HIDS solutions.