Cornucopia 7

Consider all application logging best practices.(https://wiki.owasp.org/index.php/Logging_Cheat_Sheet)

Mwengu's actions cannot be investigated because there is not an adequate accurately time-stamped record of security events, or there is not a full audit trail, or these can be altered or deleted by Mwengu, or there is no centralized logging service

Mappings

Owasp ASVS (4.0): 7.1.2 ,7.1.4 ,7.2.1 ,7.2.2 ,7.3.1-7.3.3 ,8.3.5 ,9.2.5

Capec: 93

Owasp SCP: 113,114,115,117,118,121,122,123,124,125,126,127,128,129,130

Owasp Appsensor:

Safecode: 4

ASVS (4.0) Cheatsheetseries Index

ASVS V7.1 - Log Content Requirements

ASVS V7.2 - Log Processing Requirements

ASVS V7.3 - Log Protection Requirements

ASVS V8.3 - Sensitive Private Data

ASVS V9.2 - Server Communications Security Requirements

Attacks

(Session) Data tampering

Social engineering attack

Loading comments 0%

View source on GitHub