File Integrity Monitoring (FIM) is a security process used to verify that critical system files—such as operating system files or application software files—remain unchanged and have not been tampered with without authorization, which could indicate a potential cyber threat.

FIM works by comparing the current state of files with a previously recorded baseline, typically using hash values to detect any changes. It may also evaluate other file attributes such as file size, last modified timestamp, or access permissions. The system can be configured to monitor these files automatically based on a set schedule, through random checks, or in real-time as soon as any changes occur.

This capability allows organizations to effectively monitor and maintain data security, helping to detect unauthorized modifications and respond quickly to potential threats.