From the course: Static Application Security Testing

Logging and monitoring policy

- [Jared] Have you ever heard the phrase, "Pictures or it didn't happen"? That phrase is uncannily accurate when it comes to security events as well. That's why you should round out your documentation review by taking a close look at your company's logging and monitoring policy. I mentioned earlier that I've worked on a number of security incidents throughout my career. I've worked multiple incidents where the impacted organization did not have a logging and monitoring policy. More importantly, they didn't have the log data that I needed to determine exactly what happened, including whether sensitive, regulated data was stolen. Logging and monitoring is no joke. Weak and non-existent logging and monitoring controls can contribute to a business-ending event. At a high level, log management is just generating and storing system and application logs so you can look at them later. When it comes to application security…
