Most security breaches start with a single incident. This course will teach you how to set up correct logging and monitoring for your application, as well as what to log and what not to log in order to detect those incidents on time.
It is extremely important for the security of your company to know what's currently happening to your application. This can be achieved by proper application logging and monitoring. In this course, Secure Coding: Preventing Insufficient Logging & Monitoring, you will learn what to think of when setting up logging and monitoring for applications. First, You will learn what is meant with the risk of insufficient logging and monitoring. Next, you'll explore what your application should and shouldn't log. Finally, you'll discover how to ensure and improve the quality of log files. When you're finished with this course, you'll have all the application logging and monitoring skills and knowledge needed to detect (future) security incidents on time.
Peter started out in the nineties as software engineer working on internet banking applications for various European financial institutions. Since 2004, he started specializing in pentesting complex and feature-rich web applications. Currently, he leads a global team of highly skilled and enthusiastic penetration testers as lead pentester.
Course Overview Hi everyone. My name is Peter Mosmans, and welcome to my course, Secure Coding: Preventing Insufficient Logging and Monitoring. I am a lead penetration tester working for multiple companies around the globe. Did you know that you can log too much information, or that monitoring not enough data can put your application, your network, your whole company at risk? There's a reason why insufficient logging and monitoring is considered so dangerous that OWASP has included it in its list of most dangerous web application risks in OWASP Top 10. In this course, we're going to take a look at logging and monitoring for applications and learn how effective monitoring can increase your overall security. Some of the major topics that we'll cover include what insufficient logging and monitoring is, who decides what should be logged and monitored, making sure that the quality and quantity of log data is correct, and how to securely log personal data. By the end of this course, you'll know all about logging and monitoring for applications. The course itself is for anyone wanting to learn what insufficient logging and monitoring is and wanting to know what applications should and shouldn't log. Knowledge of software development processes is a plus, but not necessary. I hope you'll join me on this journey to learn more about the Preventing Insufficient Logging and Monitoring course here, at Pluralsight.