INSUFFICIENT LOGGING AND MONITORING
The Risks of Insufficient Logging and Monitoring in Cybersecurity
Ensure Adequate Logging and MonitoringTable of Contents
WHAT IS INSUFFICIENT LOGGING AND MONITORING ?
Insufficient logging and monitoring is #10 on 2017 OWASP Top Ten list of most critical web application security risks, which states that “exploitation of insufficient logging and monitoring is the bedrock of nearly every major incident.” When an organization has insufficient logging, detection, monitoring, and response, attackers rely on these weaknesses to achieve their goals without being detected. This lack of best practices includes things such as:
- Auditable events, such as logins, failed logins, and high-value transactions that are not logged.
- Warnings and errors that generate no, inadequate, or unclear log messages.
- Logs of applications and APIs that are not monitored for suspicious activity.
- Logs that are only stored locally.
- Appropriate alerting thresholds and response escalation processes not in place or effective.
- Penetration testing and scans by DAST tools that don’t trigger alerts.
- Applications that are unable to detect, escalate, or alert for active attacks in real time or near real time.
Contrast is the clear customers’ choice
Contrast is named a Customers’ Choice in the 2021 Gartner Peer Insights “Voice of the Customer”: Application Security Testing report. With the highest percentage of 5-star ratings, this is the third consecutive year Contrast has received this powerful endorsement from customers.
Built for Developers. Trusted by Security.
Learn Secure Code
CROSS SITE SCRIPTING (XSS)
Learn about Cross site scripting (XSS) and how it affects your Java source code
SQL INJECTION
Learn about SWL injection and how it affects your Java source code
CLIENT SIDE INJECTION
Learn about client-side injection and how it can affect your source code