Security logging

Security logging is one of the most important tools you have when it comes to detecting breaches and active attacks. Read on to learn exactly what it entails, what log injection is, and to try out a related exercise on the Avatao platform.

security logging

The purpose of security logging

The goal of malicious attackers these days is to stay under the radar for as long as possible in order to extract information, perform lateral movement, alter system configurations, install malicious software, or simply cause fiscal damage.

To thwart these bad actors, active monitoring and logging of suspicious activity – such as failed logins and warning or error messages – is critical. These logs can serve as the main building blocks in later forensics analysis if needed, or can be fed into intrusion detection systems.

Log injection attacks

Security logging must be properly tuned to avoid log injection attacks.

What is log injection and what are its consequences?

Unvalidated user inputs from untrusted sources may alter log entries to hide the presence of attacks or trigger other types of attacks such as XSS. This is called log injection.

Get started with secure coding training today

Reach out to our team to learn more about Avatao, and find out how we can help your company scale secure coding training efficiently.