The Cybersecurity Industry is in Trouble

In recent years, several vendors with prominent brands have added “FIM” to their feature sets. The problem is that it’s not real FIM. It’s merely change monitoring, which produces little more than noise. It’s painful to watch this unfold in our industry. It feels as if I am watching a train wreck about to occur in slow motion. The concept of FIM should be well-understood within the cybersecurity community, and I always thought that industry professionals would realize that these tools labeled as “FIM solutions” are not true FIM.

Unfortunately, large enterprises are adopting these half-baked FIM solutions without realizing that these solutions in EDRs, XDRs, and SIEMs do not meet the intent or objective of true FIM. My hope is that this acceptance stems from a lack of awareness rather than a desire to simply adopt a ‘checkbox FIM’ mentality, so my goal (Read more...)