Reply To: OCU C)SP B Week 02 Lesson 04 Discussion
One of the OWASP Top 10 is security logging and monitoring failure. I found an updated article at OWASP.org that appears to have the most up-to-date information. These failures can occur in situations where logins are not properly recorded, alarms are not triggered during penetration testing, and applications are unable to detect attacks in real time. OWASP recommendations to correct these failures include the ability to log logins and access controls, have a recovery plan in the event of attacks, make sure data is properly coded, and have traceable trails for transactions.
Monitoring logins is incredibly important because we don’t want just anyone to have access to our data. We need to ensure that whoever is attempting to access data has proper permissions and a need to know. When this fails, attackers can gain access to our data and use it for malicious purposes.
-Jacob