Logging and Monitoring Failures
What Are Security Logging and Monitoring Failures?
Security Logging and Monitoring Failures are a category of vulnerabilities on the OWASP Top Ten. They refer to cases where logging and monitoring systems are inadequate (including cases where they are absent entirely) to identify and respond to incidents.
How Can Security Logging and Monitoring Failures Happen?
Security Logging and Monitoring Failures can happen either because logging and monitoring were not performed correctly, such as incomplete logs or unclear logs, or because the data was not handled correctly, such as log data not being stored in a central location with backups.
Security Logging and Monitoring Failure Are Difficult To Test For
Security Logging and Monitoring Failures are considered more difficult to test than many other vulnerability types. It is difficult to fully automate the tests, as a human must evaluate the quality and completeness of the data being logged.
Why Are Security Logging and Monitoring Failures Dangerous?
Security Logging and Monitoring Failures are dangerous because they can make it difficult or impossible to detect incidents promptly.
