A9:2021 | Logging Security (1) | Cycubix Docs

Concept

Logging is very important for modern systems. We use it for various reasons:

• Application monitoring and debugging.
• Audit logging: E.g. record specific actions of your users and systems.
• Security Event Monitoring: e.g. provide information to a SIEM or SOAR system that will trigger based on the information provided in these logs.

Goals

• The user should have a basic understanding of logging and where to log for.
• The user understands the risks of log spoofing and leaking log information.
• The user will be able to do a simple log spoofing attack.
• The user will be able to tell the basic risks involved in logging.