Logging and Monitoring

To maintain the Rule of the Three-Fold Process, logging and monitoring should be implemented on objects throughout the environment. This includes objects like servers, routers, and applications, as well as physical areas. Having a firewall go unmonitored is exactly the same as parking a locked car in a dark alley with no one around. Every security device has a weakness, and if an attacker goes unnoticed, the attack will eventually be successful. The unwatched thief will eventually find a way into your car, and the unwatched hacker will eventually find a way into your networks and systems.

What to Log

Earlier we discussed the concept of creating stillness, which should be reviewed for logging purposes. It is extremely important ...

Get Inside the Security Mind: Making the Tough Decisions now with the O’Reilly learning platform.