https://cheatsheetseries.owasp.org/cheatsheets/Logging_Cheat_Sheet.html

ALL’S FAIR IN LOGS AND WAR
The Importance of App Event Logging
@nimbinatus | #DevSecOpsDaysAustin @nimbinatus | #LogsAndWar

APP EVENT LOGGING IS NECESSARY.

OR IS IT?

BAD ACTORS WON’T STICK TO YOUR EXPECTATIONS…

… AND NEITHER WILL YOUR DEVELOPERS.

GO BEYOND SYSTEM LOGS

UNDERSTAND HOW APPS FAIL.

FIND YOUR BACK DOORS BEFORE THEY DO. (Photo by Matthew Henry on Unsplash)

HOW?

SET UP PROCESS ALERTS (Photo by Hugo Jehanne on Unsplash)

DEFINE NO KNOWN USERS

SEPARATE CONCERNS

FORCE ARCHIVES (Photo by Ula Kuźma on Unsplash)

MASK OR SANITIZE PII

USE STANDARD LOGGING LIBRARIES

USE MORE LOG LEVELS

OH, AND BY THE WAY…

…ACTUALLY CHECK YOUR LOGS

SO PLEASE

MAKE LOGS NOT WAR (Thanks)