Logging and Monitoring for the PCI Standards
Audit trails are the first and usually the only way to identify security flaws and breaches. Audit trails are meant to provide useful and relevant information about the usage of a system. If this information is captured effectively, it can tell system owners and stakeholders how the system is being used, identify its users, and indicate whether there are any anomalies in the system. Additionally, audit trails are required as evidence in legal proceedings in cases of fraud where the company has to prove the wrongdoing of a person or group of individuals against the system. This chapter focuses on Requirement 10 of the PCI-DSS, which exclusively addresses issues regarding logging, ...