10 - Insufficient Logging & Monitoring

Insufficient logging, detection, monitoring and active response occurs any time:

• Auditable events, such as logins, failed logins, and high-value transactions, are not logged
• Warnings and errors generate no, inadequate, or unclear log messages
• Logs of applications and APIs are not monitored for suspicious activity
• Logs are only stored locally
• Appropriate alerting thresholds and response escalation processes are not in place or effective
• Penetration testing and scans by DAST tools (such as OWASP ZAP) do not trigger alerts
• The application is unable to detect, escalate, or alert for active attacks in real time or near real time
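The first, second and fifth points above (auditable events, usable log messages, alerting thresholds) can be checked concretely: an application that emits structured audit events for every login attempt and high-value transaction can have a monitor run over them and raise alerts on defined thresholds. The following is an added example, not part of the original page; the JSON-lines log, the field names, the threshold of 5 failures per minute and the 10000 high-value limit are all constructed for illustration.

```python
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample audit log (JSON lines) in the shape an application should
# emit: every security-relevant event carries a timestamp, type, actor,
# source address and outcome, so that a monitor can actually reason about it.
SAMPLE_LOG = """
{"ts": "2024-01-01T10:00:00", "event": "login", "user": "alice", "src": "203.0.113.5", "outcome": "failure"}
{"ts": "2024-01-01T10:00:02", "event": "login", "user": "alice", "src": "203.0.113.5", "outcome": "failure"}
{"ts": "2024-01-01T10:00:04", "event": "login", "user": "alice", "src": "203.0.113.5", "outcome": "failure"}
{"ts": "2024-01-01T10:00:06", "event": "login", "user": "alice", "src": "203.0.113.5", "outcome": "failure"}
{"ts": "2024-01-01T10:00:08", "event": "login", "user": "alice", "src": "203.0.113.5", "outcome": "failure"}
{"ts": "2024-01-01T10:00:09", "event": "login", "user": "alice", "src": "203.0.113.5", "outcome": "success"}
{"ts": "2024-01-01T10:05:00", "event": "login", "user": "bob", "src": "198.51.100.7", "outcome": "failure"}
{"ts": "2024-01-01T10:30:00", "event": "transfer", "user": "alice", "src": "203.0.113.5", "amount": 25000, "outcome": "success"}
"""

# Assumed alerting thresholds (constructed for the example; tune per application).
FAILED_LOGIN_THRESHOLD = 5      # alert once this many failures from one source ...
WINDOW = timedelta(minutes=1)   # ... fall inside this sliding window
HIGH_VALUE_AMOUNT = 10000       # transactions at or above this are always alerted


def detect_alerts(log_text):
    """Scan a JSON-lines audit log and return the alerts a monitor should raise."""
    alerts = []
    recent_failures = defaultdict(deque)  # src address -> timestamps of recent failed logins
    for line in log_text.strip().splitlines():
        ev = json.loads(line)
        ts = datetime.fromisoformat(ev["ts"])
        if ev["event"] == "login" and ev["outcome"] == "failure":
            window = recent_failures[ev["src"]]
            window.append(ts)
            while window and ts - window[0] > WINDOW:  # expire failures outside the window
                window.popleft()
            if len(window) == FAILED_LOGIN_THRESHOLD:  # fire exactly once per threshold crossing
                alerts.append(f"brute-force: {len(window)} failed logins from {ev['src']} within {WINDOW}")
        elif ev["event"] == "transfer" and ev.get("amount", 0) >= HIGH_VALUE_AMOUNT:
            alerts.append(f"high-value transaction: {ev['user']} transferred {ev['amount']}")
    return alerts


if __name__ == "__main__":
    for alert in detect_alerts(SAMPLE_LOG):
        print(alert)
```

Alerts like these are only useful if the log is shipped off the host and someone is on the receiving end of the alert; the point of the fourth and fifth items above is that the detection logic alone is not enough.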
