How it works...
Most of the time, in organizations, logs are not as protected as databases are, and when a breach occurs, such logs may contain impressive amounts of sensitive information that may allow the attackers to access other systems in the network because the log contained usernames and passwords or maybe collect emails and use them to execute a phishing campaign, or worst, those logs may contain names, addresses, and phone numbers of the application's users. It is very important for developers and security architects to keep all information like the one previously mentioned out of any logging and monitoring mechanism.
By logging the appropriate set of events, an application may generate enough information for the team monitoring ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access