The integrity monitoring module scans for unexpected changes to registry values, registry keys, services, processes, installed software, ports and files on Deep Security Agents. Using a baseline secure state as a reference, the integrity monitoring module performs scans on the above and logs an event (and an optional alert) if it detects any unexpected changes.

To enable and configure integrity monitoring, see Set up integrity monitoring.

To more information on creating integrity monitoring rules, see Create an integrity monitoring rule. You can create a rule from a file or registry monitoring template, or by using the Deep Security XML-based Integrity monitoring rules language.