Welcome to Cycubix Docs

A9:2021 | Logging Security (1) | Cycubix Docs

Concept

Logging is very important for modern systems. We use it for various reasons:

Application monitoring and debugging.
Audit logging: E.g. record specific actions of your users and systems.
Security Event Monitoring: e.g. provide information to a SIEM or SOAR system that will trigger based on the information provided in these logs.

Goals

The user should have a basic understanding of logging and where to log for.
The user understands the risks of log spoofing and leaking log information.
The user will be able to do a simple log spoofing attack.
The user will be able to tell the basic risks involved in logging.

PreviousA9:2021 | Security Logging Failures | Cycubix Docs NextA9:2021 | Logging Security (2) | Cycubix Docs

Last updated 5 months ago