Explore application logging in the context of GDPR compliance through this 54-minute LASCON conference talk. Gain insights into various logging types, security implications, and tools while addressing the challenges of balancing security requirements with privacy regulations. Learn about personal data handling in logs, data classification, and protection strategies. Discover recommendations for GDPR-compliant logging practices, including what personal data should and should not be logged, appropriate protection levels, and log retention policies. Walk away with practical tips to enhance your application's security posture while maintaining compliance with data privacy laws.
Overview
Syllabus
Intro
Who am I
Logging
Types of logs
Tools for logging
Logging and security
Collecting personal data
Data privacy laws
Personal Data
What personal data should not be logged
What personal data should be logged
Level of protection
Data classification
Data classification examples
Data protection
Production logs
Debug Trace
Log Retention Policy
Taught by
LASCON
