Problem: You need to be notified when permission changes are made to sudo
File integrity monitoring (or “FIM”) permits you to identify when changes are made to your files. If you are concerned that a critical file may be inadvertently changed, or that an attacker may mess with certain files on your system, file integrity monitoring can help you spot these changes. Halo generates a cryptographic hash of each file, and then stores that hash on our grid. Later checks verify that the file continues to generate the same hash value.
(For an overview of Halo FIM, see our video, our user guide, or our guide for people who are familiar with file integrity monitoring.)