Security logging is one of the most important tools you have when it comes to detecting breaches and active attacks. Read on to learn exactly what it entails, what log injection is, and to try out a related exercise on the Avatao platform.
The purpose of security logging
The goal of malicious attackers these days is to stay under the radar for as long as possible in order to extract information, perform lateral movement, alter system configurations, install malicious software, or simply cause fiscal damage.
To thwart these bad actors, active monitoring and logging of suspicious activity – such as failed logins and warning or error messages – is critical. These logs can serve as the main building blocks in later forensics analysis if needed, or can be fed into intrusion detection systems.
Log injection attacks
Security logging must be properly tuned to avoid log injection attacks.
What is log injection and what are its consequences?
Unvalidated user inputs from untrusted sources may alter log entries to hide the presence of attacks or trigger other types of attacks such as XSS. This is called log injection.
Get started with secure coding training today
Reach out to our team to learn more about Avatao, and find out how we can help your company scale secure coding training efficiently.
Copyright © 2022 Avatao