Information Gathering -> Logging: Visualized logging
Risk and Opportunity
Risk: System and application logs are not visualized properly, which leads to no or very limited assessment of the logs. Developers in particular might have difficulty reading application logs with unfamiliar tools such as the Linux tool 'cat'.
Opportunity: Logs are visualized in a simple-to-use real-time monitoring system. The GUI makes it possible to search the logs for specific attributes.
Required knowledge: Very Low (one discipline)
Required time: Medium
Required resources (systems): Medium
Dependencies: Centralized system logging, Centralized application logging
Implementation hints: ELK-Stack
OWASP SAMM 2 Mapping: o-incident-management|A|1
ISO27001:2017 Controls Mapping:
- not explicitly covered by ISO 27001 - too specific