Azure App Service - File Integrity Monitoring (FIM)

Question

I have a regulatory requirement to implement file integrity monitoring, however, I am deploying my application on Azure Web App Services, and all third party FIM tools require the installation of an agent. This isn't possible as the OS is abstracted in the Azure web app service.

In Azure Security Center, I can see the File Integrity(FIM) Monitoring but it is only working for VM. is there any way to work FIM for App Service?

thanks

score 0 · Accepted Answer · answered Nov 19 '19 at 15:38

0

AFAIK, this is abstracted due to the sandbox restriction. As File Integrity Monitoring (FIM), also known as change monitoring, examines files and registries of operating system. This access is not there.

https://github.com/projectkudu/kudu/wiki/Azure-Web-App-sandbox

answered Nov 19 '19 at 15:38

DixitArora-MSFT

1,768
1
5
8

Thanks, I also found Azure Application Changes Analysis. Is it the similar to FIM? It can be used as an FIM? – Sakaldeep Yadav Nov 20 '19 at 10:13
It is not similar to FIM but Azure application change Analysis is applicable to Azure web apps. https://learn.microsoft.com/en-us/azure/azure-monitor/app/change-analysis#viewing-changes-for-all-resources-in-azure – DixitArora-MSFT Nov 20 '19 at 10:19
Is there any way to achieve FIM for App Service? – Sakaldeep Yadav Nov 20 '19 at 10:30

score 0 · Answer 2 · answered Feb 27 '22 at 22:52

0

Resource level and code-level changes can be tracked using Application change analysis and act like a FIM. https://sakaldeep.com.np/1201/can-application-change-analysis-act-as-fim-for-azure-app-service

answered Feb 27 '22 at 22:52

Sakaldeep Yadav

392
1
6
20

score 0 · Answer 3 · answered Mar 11 '22 at 18:50

0

According to the docs, Azure App Service natively includes Microsoft Defender for Cloud, which includes File Integrity Monitoring.

answered Mar 11 '22 at 18:50

zekay2000

26
3

Azure App Service - File Integrity Monitoring (FIM)

3 Answers3