Home › BCA Cyber Security › cybersecurity › Web Security — OWASP › OWASP recommends LOGGING and MONITORING for the …
OWASP recommends LOGGING and MONITORING for the SECURITY LIFECYCLE because
Ato make user-facing websites slower
Blogs help spot and respond to breaches
Clogs save disk space and money
Dlogs improve SEO and reach users
Answer & Solution
Correct answer: B. logs help spot and respond to breaches
1. OWASP A09 (2021): Security LOGGING and Monitoring Failures.
2. WITHOUT proper logging: attackers can dwell in systems for MONTHS undetected. Industry data: average breach detection time is 200+ days.
3. WHAT TO LOG: authentication attempts (success+failure), authorisation failures, input validation failures, high-value transactions.
4. WHAT TO MONITOR: log volume anomalies, repeated 401/403 from same IP, unusual access patterns, lateral movement.
5. DON'T LOG: secrets, passwords, full credit card numbers, PII without justification.
6. Send logs to a SECURED, REMOTE log aggregator (so an attacker who compromises a host can't delete evidence).
_Source: OWASP Top 10 2021 — A09: Security Logging and Monitoring Failures._
Related questions
What does HTTPS provide over plain HTTP?Which OWASP category covers using libraries with KNOWN CVEs?An IDOR (Insecure Direct Object Reference) attack happens whenCROSS-SITE REQUEST FORGERY (CSRF) is best mitigated byWhich mitigation is the SINGLE most effective defense against SQL Injection?SERVER-SIDE REQUEST FORGERY (SSRF) — A10 in OWASP 2021 — happens whenWhat does the SECURITY MISCONFIGURATION category (A05 in 2021) typically include?The OWASP 2021 category A04 'INSECURE DESIGN' is a NEW category that addresses