Explore the critical aspects of logging in cybersecurity through this DefCamp 2022 conference talk delivered by Amirhossein Aliakbarian, Application Security Engineer at Booking.com. Delve into the importance of logging, its security-related applications, and the challenges faced in the incident response process. Examine the complexities surrounding sensitive data handling, log delivery, storage, and analysis. Learn about access control measures and review practical logging examples involving credit card information, authentication tokens, and user input security. Gain insights into defining logging standards and structuring an effective logging system. Conclude with a Q&A session addressing audience inquiries on this crucial cybersecurity topic.
To Log, or Not to Log! That Is the Question - DefCamp - 2022
Overview
Syllabus
Intro
About Amir
About Booking Holding
Agenda
Why log
Security related usage
Incident response process
Challenges
Sensitive data
Not so trivial
Delivering logs
Storing logs
Analyzing logs
Access control
Logging examples
Credit card information
Authentication tokens
User input security
Base structure
Highlevel overview
Defining a standard
Data
Delivery
Storage
Audience Questions
Taught by
DefCamp
