InformationGathering -> Logging: Centralized application logging

Risk and Opportunity

Risk: Locally stored logs can be manipulated without authorization by attackers with system access, or might be corrupt after an incident. In addition, it is hard to correlate logs. As a result, attacks can be performed silently.
Opportunity: A centralized logging system is used, and application logs (including application exceptions) are shipped to it.

Usefulness and Requirements of this Activity

Usefulness: Very High
Required knowledge: Very Low (one discipline)
Required time: Very Low
Required resources (systems): Very Low

Additional Information

Dependencies: Visualized logging, Alerting


ISO27001 2017