Information Gathering -> Logging: Visualized logging
Risk and Opportunity
Risk: System and application protocols are not visualized properly which leads to no or very limited logging assessment. Specally developers might have difficulty to read applications logs with unusually tools like the Linux tool 'cat'
Opportunity: Protocols are visualized in a simple to use real time monitoring system. The GUI gives the ability to search for specal attributes in the protocol.
Required knowledge: Very Low (one discipline)
Required time: Medium
Required resources (systems): Medium
Dependencies: Centralized system logging, Centralized application logging
Implementation hints: ELK-Stack
OWASP SAMM 2 Mapping: o-incident-management|A|1