LoggingInappropriate logging.

Types Of IssuesIncorrect time synchronization.

Logging of sensitive information.

Unauthorized access to logs.

Incorrect Time SynchronizationIf the time of the logs is desynchronized it will make it difficult to

perform forensic investigation in case of a break-in.

Logging Of Sensitive InformationSome types of information such as user session ids, passwords, credit

card numbers, cvv data and more should not be logged.

Unauthorized Access To LogsLog files may contain sensitive data and therefore needs to be protected.

LabWe will explore some of these areas in more detail.