© Scott Norberg 2020
S. NorbergAdvanced ASP.NET Core 3 Security https://doi.org/10.1007/978-1-4842-6014-2_9

9. Logging and Error Handling

Scott Norberg1 
Issaquah, WA, USA

It’s possible, maybe even likely, that you will want to skip this chapter. After all, logging by itself doesn’t protect data, prevent intrusion, or anything else most developers think of when they think of “security.” But think of it another way – realistically, how many of you would even know if a hacker stole credentials via a SQL injection vulnerability in your login page, as described earlier in the book?

As proof of this, caches of passwords that are available to ethical security personnel (like the one at https://haveibeenpwned.com) have billions of passwords. And if you ...

Get Advanced ASP.NET Core 3 Security : Understanding Hacks, Attacks, and Vulnerabilities to Secure Your Website now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.