Course Description
A lack of log analysis and security event monitoring results in security breaches going undetected for long periods of time. Explore the issues and recommendations covered by OWASP Top 10 item A10: Insufficient Logging and Monitoring.
Learning Objectives
OWASP: Top 10 Item A10
- describe OWASP Top 10 item A10, which deals with insufficient logging and monitoring
- recognize how insufficient logging and monitoring can be mitigated
- configure Windows Event Viewer log forwarding
- configure Linux rsyslog forwarding
- build a custom Windows Event Viewer log view
- attach a PowerShell script to a specific logged event
- use a Windows Data Collector Set to establish a performance baseline
- use the Windows Performance Monitor tool to identify performance anomalies
- list common logging security flaws and insufficient logging and monitoring security mitigations, create a custom Windows Event Viewer log view, and create a Windows Server performance baseline