1. Proposed title of this feature request
File Integrity Monitoring for PCI-DSS

2. What is the nature and description of the request?
Provide File Integrity Monitoring with richer features to met new PCI-DSS challenges
Openshift provides File Integrity Operator, an AIDE based solution to monitor file at node level.
More requirements come with PCI-DSS v4 in this area AIDE won't solve. Here after missing features.
Some customers dealing with strong compliancies and regulation rules need a diffent tooling than AIDE.
CrowdStrike provides a solution for kubernetes which is doing File Integrity Monitoring.
My customer decided to go with this solution for this year since File Intergity Operator based on AIDE
does not provide answers to PCI-DSS challenges

3. Why does the customer need this? (List the business requirements here)
Openshift provides File Integrity Operator, an AIDE based solution to monitor file at node level.
More requirements come with PCI-DSS v4 in this area AIDE won't solve. Here after missing features.

Detection

• Which process altered the monitored file
• Which user spawn the process

Dashboard and reports to provide evidence during audit

• What changed on the node
• When it changed
• First time it changed
• How many time since first occurence

Policy driven monitoring

• Which files to monitor
• Which directory
• Which filesystems

4. List any affected packages or components.
File Integrity Operator