Archive for the ‘Log Management’ Category

Seven ‘no log’ VPN providers accused of leaking – yup, you guessed it – 1.2TB of user logs onto the internet

Filed in Log Management, VPN on Jul.18, 2020

Maybe it was the old Lionel Hutz play: ‘No-logging VPN? I meant, no! Logging VPN!’ Source: Seven ‘no log’ VPN providers accused of leaking – yup, you guessed it – 1.2TB of user logs onto the internet   Download a Security Risk Assessment Steps paper! Subscribe to DISC InfoSec blog by Email Take an awareness […]

Leave a Comment

What to Log for Authentication and Access Control

Filed in Access Control, Log Management on Jan.14, 2014

Authentication and access control plays a critical role in web application security.  Mostly for logging, all authentication and access control events should be logged which includes but not limited to successes and failures. If  we are logging only the successful events, someone may brute force attack the passwords without any detection or notice. On the […]

Tags: , , , , ,

Leave a Comment

  • subscribe

  • Advertising

  • Subscribe to our DISC InfoSec blog

    Enter your email address:
    Subscribe in a reader

    DISC InfoSec Titles


  • DISC InfoSec Services

    👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

  • Get a Cyber Aware Cheat Sheet now!

  • “Like” our DISC InfoSec page

    >> DISC InfoSec Facebook Page <<

  • DISC InfoSec Store

    DISC online store for recommended InfoSec products

  • DISC InfoSec Online Services

    DISC InoSec Services
  • Download ISO27k Standards

    vCISO as a service



  • Search DISC InfoSec blog

  • Meta

  • Blogroll

  • Archives

  • Categories

  • Tags

    arra and hitech Business Chief Information Security Officer china Cloud computing cloud security Computer security Consultants Corporate governance of information technology Credit card data security facebook Federal government of the United States Financial services fraud Google hacker Hacking Health Insurance Portability and Accountability Act hipaa Identity Theft Information Security Information Security Management System International Organization for Standardization isms ISO/IEC 27001 iso 27001 iso 27002 iso assessment Malware Microsoft National Institute of Standards and Technology Payment Card Industry Data Security Standard pci dss phishing privacy Risk Assessment Risk management San Francisco Security security controls Security Risk Assessment Social network Twitter United States

  • For an InfoSec and Compliance question

    Contact us

    Support us
  • Best Sellers Books in Computer Security

    New Releases in Computer Security