Does Symantec Endpoint Protection Include File Integrity Monitoring Fim [verified] (Genuine · 2024)

As of the latest Broadcom Symantec Endpoint Protection versions (14.x, 15.x), the core components are:

Formerly known as Critical System Protection, this is the primary solution for FIM. It uses a kernel-level agent to provide real-time file integrity monitoring (RT-FIM) , alerting you whenever critical system files, registry keys, or configuration files are modified. As of the latest Broadcom Symantec Endpoint Protection

For PCI DSS, you can argue that (allowlisting) that prevents any unapproved executable from running, combined with strict write-access blocking to critical system directories, serves as a compensating control for FIM. However: alerting you whenever critical system files