diff --git a/db/tests.db b/db/tests.db
index 76884a45..44a9a410 100644
--- a/db/tests.db
+++ b/db/tests.db
@@ -135,6 +135,7 @@ FINT-4330:test:security:file_integrity::mtree availability:
 FINT-4334:test:security:file_integrity::Check lfd daemon status:
 FINT-4336:test:security:file_integrity::Check lfd configuration status:
 FINT-4338:test:security:file_integrity::osqueryd syscheck daemon running:
+FINT-4339:test:security:file_integrity:Linux:Check IMA/EVM Status
 FINT-4350:test:security:file_integrity::File integrity software installed:
 FINT-4402:test:security:file_integrity::Checksums (SHA256 or SHA512):
 FIRE-4502:test:security:firewalls:Linux:Check iptables kernel module:
diff --git a/include/binaries b/include/binaries
index 89e2fddd..b538eb56 100644
--- a/include/binaries
+++ b/include/binaries
@@ -157,6 +157,7 @@
 xbps-query) XBPSBINARY="${BINARY}"; LogText " Found known binary: xbps (package management) - ${BINARY}" ;;
 egrep) EGREPBINARY=${BINARY}; LogText " Found known binary: egrep (text search) - ${BINARY}" ;;
 equery) EQUERYBINARY="${BINARY}"; LogText " Found known binary: query (package manager) - ${BINARY}" ;;
+evmctl) EVMCTLBINARY=${BINARY}; LogText " Found known binary: evmctl (IMA/EVM tool) - ${BINARY}" ;;
 exim) EXIMBINARY="${BINARY}"; EXIMVERSION=$(${BINARY} -bV | grep 'Exim version' | awk '{ print $3 }' | xargs); LogText " Found known binary ${BINARY} (version ${EXIMVERSION})" ;;
 fail2ban-server) FAIL2BANBINARY="${BINARY}"; LogText " Found known binary: fail2ban (IPS tool) - ${BINARY}" ;;
 file) FILEBINARY="${BINARY}"; LogText " Found known binary: file (file type detection) - ${BINARY}" ;;
diff --git a/include/tests_file_integrity b/include/tests_file_integrity
index 7a5658ac..a387c248 100644
--- a/include/tests_file_integrity
+++ b/include/tests_file_integrity
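Review bot: The new tests.db entry `FINT-4339:test:security:file_integrity:Linux:Check IMA/EVM Status` is the only line in this hunk without the trailing `:` field terminator that every neighbouring entry carries, and its description is capitalised differently from the `--description "Check IMA/EVM status"` string the Register call in include/tests_file_integrity uses. Whether a consumer of this file splits on `:` and expects the trailing empty field I cannot tell from here, but matching the surrounding format is the safe choice: `FINT-4339:test:security:file_integrity:Linux:Check IMA/EVM status:`.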
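Review bot: The added case arm assigns `EVMCTLBINARY=${BINARY}` unquoted while the surrounding arms (xbps-query, equery, exim, fail2ban-server, file) quote the expansion; egrep already has the same inconsistency, so this is a style point rather than a behavioural one, but the new line should follow the majority form: `evmctl) EVMCTLBINARY="${BINARY}"; LogText " Found known binary: evmctl (IMA/EVM tool) - ${BINARY}" ;;`. The enclosing case statement starts and ends outside the hunk.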
@@ -297,6 +297,28 @@
 fi
 #
 #################################################################################
+#
+ # Test : FINT-4339
+ # Description : Check IMA/EVM status
+ if [ ! -z "${EVMCTLBINARY}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; SKIPREASON="No evmctl binary found"; fi
+ Register --test-no FINT-4339 --os Linux --preqs-met ${PREQS_MET} --skip-reason "${SKIPREASON}" --weight L --network NO --category security --description "Check IMA/EVM status"
+ if [ ${SKIPTEST} -eq 0 ]; then
+ FOUND=0
+ if [ -e /sys/kernel/security/ima ]; then
+ FOUND=$(${CAT_BINARY} /sys/kernel/security/ima)
+ fi
+ if [ "${FOUND}" -ne 1 ]; then
+ LogText "Result: EVM tools found but IMA/EVM disabled"
+ Display --indent 2 --text "- IMA/EVM (status)" --result "${STATUS_DISABLED}" --color YELLOW
+ else
+ LogText "Result: EVM tools found, IMA/EVM enabled"
+ FILE_INT_TOOL="evmctl"
+ FILE_INT_TOOL_FOUND=1
+ Display --indent 2 --text "- IMA/EVM (status)" --result "${STATUS_ENABLED}" --color GREEN
+ fi
+ fi
+# #################################################################################
 #
 # Test : FINT-4402 (was FINT-4316)
 # Description : Check if AIDE is configured to use SHA256 or SHA512 checksums
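Review bot: The `if [ "${FOUND}" -ne 1 ]` test in the new FINT-4339 block only works if `$(${CAT_BINARY} /sys/kernel/security/ima)` produced a bare integer; when the path exists but cat prints nothing usable (on the IMA-enabled kernels I know of that securityfs entry is a directory, and it may simply be unreadable), `[` fails with "integer expression expected" and returns 2, so the else branch runs and the test reports IMA/EVM as enabled and sets `FILE_INT_TOOL`/`FILE_INT_TOOL_FOUND` — the error path produces the positive result. A fix within this hunk is to stop treating the path as a flag file: replace the `-e` test and the cat with `if [ -d /sys/kernel/security/ima ]; then FOUND=1; fi` and compare as a string, `if [ "${FOUND}" != "1" ]; then`, which claims "enabled" only when the securityfs IMA directory is present; whether a policy is actually loaded would need a further check and should be noted in the Description comment. Separately, `SKIPREASON` is assigned only in the NO branch of the prerequisite check, so when evmctl is found the Register call passes whatever value an earlier test left in it; adding `SKIPREASON=""` to the YES branch avoids that.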