Web Application Security 101 - 12 Logging

Preview:

Click to see full reader

DESCRIPTION

In part 12 of the Web Application Security 101 we talk about logging best practices.

Citation preview

LoggingInappropriate logging.

Types Of IssuesIncorrect time synchronization.

Logging of sensitive information.

Unauthorized access to logs.

Incorrect Time SynchronizationIf the time of the logs is desynchronized it will make it difficult to

perform forensic investigation in case of a break-in.

Logging Of Sensitive InformationSome types of information such as user session ids, passwords, credit

card numbers, cvv data and more should not be logged.

Unauthorized Access To LogsLog files may contain sensitive data and therefore needs to be protected.

LabWe will explore some of these areas in more detail.

Recommended

PHP Security 101
Technology
Cyber Security 101+_2014_SManduley
Documents
Audit Logging and Reporting: Security and Privacy
Documents
DIGITAL SECURITY 101
Documents
System Security Plans 101
Technology
Security - 101 - ISSA
Documents
Information Security 101 – Student Guide - AlienVault · PDF fileinformation security 101 – student guide . information security 101
Documents
Visa Security Logging Factsheet June 2012
Documents
Mobile application security 101
Education
Logging 101
Documents
Computer security 101 computer security 101 Eric Pancer Computer Security Response Team
Documents
SY0-101 CompTIA SY0-101 Security+ Version 24.0
Documents
Computer security 101
Technology
WordPress Security & Backups 101
Internet
Joomla! security 101
Documents
Junos Space Security Director Logging and Reporting Getting
Documents
Application security 101
Software
IP Telephony Security 101
Business
HP Security Event Logging Messaging Reference
Documents
Security wp 101
Technology