So if this is a private network, upon submitting the file for
tracking, one can setup the hash of the file. Then if the file is
modified, that hash can be compared against the modified file, to me
this seems like the only way to have a detection based on anomaly.
tracking, one can setup the hash of the file. Then if the file is
modified, that hash can be compared against the modified file, to me
this seems like the only way to have a detection based on anomaly.
Otherwise, If it is my network, and...
[ more ]