File Integrity Monitoring — from agent hash to Threat Center tab
Subtitle: SAM, SECURITY, SYSTEM, and hosts — baselined on every Windows security harvest.
Compliance frameworks ask whether critical system files changed. Traditional FIM agents are heavy, noisy, and often deployed on servers only.
Dual-Strike XISEM 8.8.0 closes the loop: agent collection → platform ingest → Threat Center File Integrity tab → alert path for high/critical changes.
What the agent watches (Windows default)
When WatchPaths is empty, the Windows agent hashes on each security harvest (~15 min):
C:\Windows\System32\config\SAMC:\Windows\System32\config\SECURITYC:\Windows\System32\config\SYSTEMC:\Windows\System32\drivers\etc\hosts
Configurable via Agent:FileIntegrity in agent settings.
What analysts see
Threat Center → File Integrity — baselines, changes, analyst explainer copy
High/critical path changes continue through existing alert logic
Compliance mapping for PCI-DSS, HIPAA, SOC 2-style controls where FIM evidence applies
Deploy checklist (public)
Upgrade to Dual-Strike XISEM Agent 8.8.0 GA line when promoted in your channel
Confirm one security harvest cycle completes
Open File Integrity — expect four tracked files per Windows endpoint at baseline
Downloads: dual-strike.com/downloads
Ship when 8.8.0 GA is your fleet standard — adjust version callout if publishing before GA promotion.

