Reputation: 446
I have a regulatory requirement to implement file integrity monitoring. However, I am deploying my application on Azure Web App Services, and all third-party FIM tools require the installation of an agent. This isn't possible, as the OS is abstracted in the Azure Web App service.
In Azure Security Center, I can see File Integrity Monitoring (FIM), but it only works for VMs. Is there any way to get FIM working for App Service?
Thanks
Upvotes: 0
Views: 1350
Reputation: 26
According to the docs, Azure App Service natively includes Microsoft Defender for Cloud, which includes File Integrity Monitoring.
Upvotes: 0
Reputation: 446
Resource-level and code-level changes can be tracked using Application Change Analysis, which can act like a FIM. https://sakaldeep.com.np/1201/can-application-change-analysis-act-as-fim-for-azure-app-service
Upvotes: 0
Reputation: 1811
AFAIK, this is abstracted due to the sandbox restriction. File Integrity Monitoring (FIM), also known as change monitoring, examines the files and registries of the operating system. This access is not there.
https://github.com/projectkudu/kudu/wiki/Azure-Web-App-sandbox
Upvotes: 0