Friday, 9 January 2015

Web Applications Logging and Instrumentation

Designing an effective logging and instrumentation strategy is important for the security and reliability of your application. You should audit and log activity across the tiers of your application. These logs can be used to detect suspicious activity, which frequently provides early indications of an attack on the system, and they can help to address repudiation threats where users deny their actions.
Log and audit files may be required in legal proceedings to prove the wrongdoing of individuals. Regular auditing is generally considered to be most authoritative if the audit is generated at the precise time of resource access, and by the routine that accesses the resource. Consider the following guidelines when designing a logging and instrumentation strategy:
  • Audit all layers of the application for user management events, system critical events, business critical operations, and unusual activities.
  • Create secure log file management policies, such as restricting access to log files and allowing only write access to users. Ensure that your logging and instrumentation mechanisms are configurable during deployment and when in production.
  • Don’t store sensitive information in log or audit files.
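
The three guidelines above can be combined in one audit logger. The following sketch is an added example, not code from the original post. The field names in `SENSITIVE_KEYS`, the `AUDIT_LOG_LEVEL` variable, the sample events and the owner-only `0o600` file mode are assumptions chosen for illustration.

```python
import json, logging, os, stat, tempfile

SENSITIVE_KEYS = {"password", "card_number", "session_token"}  # assumed field names

class RedactFilter(logging.Filter):
    """Mask sensitive fields before the record reaches the formatter."""
    def filter(self, record):
        event = getattr(record, "event", {})
        record.event = {k: ("[REDACTED]" if k in SENSITIVE_KEYS else v)
                        for k, v in event.items()}
        return True

class JsonFormatter(logging.Formatter):
    def format(self, record):
        return json.dumps({"time": self.formatTime(record), "level": record.levelname,
                           "action": record.getMessage(), **record.event}, sort_keys=True)

def build_audit_logger(path, env=os.environ):
    # Create the file with owner-only access before the handler opens it.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_APPEND, 0o600)
    os.close(fd)
    os.chmod(path, 0o600)  # tighten a pre-existing file with a looser mode
    logger = logging.getLogger("audit")
    logger.handlers.clear()
    logger.propagate = False  # keep audit events out of general application logs
    # Verbosity comes from deployment configuration (assumed variable name).
    level = env.get("AUDIT_LOG_LEVEL", "INFO").upper()
    logger.setLevel(level if level in ("DEBUG", "INFO", "WARNING", "ERROR") else "INFO")
    handler = logging.FileHandler(path)
    handler.setFormatter(JsonFormatter())
    handler.addFilter(RedactFilter())
    logger.addHandler(handler)
    return logger

def audit(logger, action, **fields):
    # Called by the routine that performs the action, at the time it happens.
    logger.info(action, extra={"event": fields})

def demo():
    path = os.path.join(tempfile.mkdtemp(), "audit.log")
    log = build_audit_logger(path)
    # Constructed sample events: a login and a user management change.
    audit(log, "user.login", user="alice", source_ip="192.0.2.10", password="hunter2")
    audit(log, "user.role_change", user="alice", target="bob", new_role="admin")
    with open(path) as f:
        lines = [json.loads(line) for line in f]
    return lines, stat.S_IMODE(os.stat(path).st_mode)
```
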
