Archive for the ‘Log Management’ Category

Seven ‘no log’ VPN providers accused of leaking – yup, you guessed it – 1.2TB of user logs onto the internet

Maybe it was the old Lionel Hutz play: ‘No-logging VPN? I meant, no! Logging VPN!’ Source: Seven ‘no log’ VPN providers accused of leaking – yup, you guessed it – 1.2TB of user logs onto the internet   Download a Security Risk Assessment Steps paper! Subscribe to DISC InfoSec blog by Email Take an awareness […]

Leave a Comment

What to Log for Authentication and Access Control

Authentication and access control plays a critical role in web application security.  Mostly for logging, all authentication and access control events should be logged which includes but not limited to successes and failures. If  we are logging only the successful events, someone may brute force attack the passwords without any detection or notice. On the […]

Leave a Comment