Web Application Security 101 - 12 Logging

Published on July 24, 2014

Author: websecurify

Source: slideshare.net

Description

In part 12 of the Web Application Security 101 we talk about logging best practices.

Logging

Inappropriate logging.

Types Of Issues

- Incorrect time synchronization.
- Logging of sensitive information.
- Unauthorized access to logs.

Incorrect Time Synchronization

If the timestamps in the logs are desynchronized, it becomes difficult to perform a forensic investigation in case of a break-in.

Logging Of Sensitive Information

Some types of information, such as user session IDs, passwords, credit card numbers, CVV data and more, should not be logged.

Unauthorized Access To Logs

Log files may contain sensitive data and therefore need to be protected.

Lab

We will explore some of these areas in more detail.
