Fork me on GitHub

InformationGathering -> Monitoring: Simple application metrics

Risk and Opportunity

Risk: Attacks on an application are not recognized.
Opportunity: Gathering of application metrics helps to identify incidents like brute force attacks, login/logout.

Usefulness and Requirements of this Activitiy

Usefullness: Very High
Required knowledge: Low (one discipline)
Required time: Low
Required resources (systems): Low

Additional Information

Implementation hints:

OWASP SAMM VERSION 2

ISO27001 2017