#SuperGoalingBros – OWASP Study – 10. Insufficient Logging and Monitoring

The last item on the 2017 OWASP Top Ten list is a new addition, and rather a failure of best practice than a vulnerability.

Insufficient Logging and Monitoring, as the name suggests, is where an organisation fails to track activity and responses on their app/site.

Has your login screen recently had 1000 failed login attempts in the past 2 minutes?  All from the same IP address or geographic location?

Chances are that’s an attempted Brute Force attack.

Noticed that an account was created and quickly deleted?  This could be an attacker covering their tracks.

I found an article here that claimed that in 2016 the average detection rate for an attack was 191 days!

Imagine the damage that could be done to a project you are working on if an attacker had free reign for almost 200 days.

So stay sharp, stay alert and avoid having a Barbrady moment.

Nothing-to-See-15a34a2fc727c8


Ways to avoid suffering #10 Insufficient Logging and Monitoring

  • Build a logging and monitoring plan
  • Ensure that logs are not publicly available, and where possible should be backed up securely.
  • Use monitoring software (such as New Relic or even Google Analytics) and set thresholds and alerts for appropriate parts of your application/site

Thanks for reading my last post as part of my OWASP Top 10 Goal.

I have created an account to track my goals on Habitica, if you would like to find/add me my user id is: b2d1d942-f62b-4487-a77b-58c8a93baa9c


Disclaimer: My posts for this project reflect my own understanding of the topics, if I’ve missed the point completely please pull me up and correct me in the comments section and I’ll fix it up asap. Also, if you know of any examples of the vulnerability and how best to protect against it please share 🙂

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: