Yesterday, I debuted a new software security training class on Secure Audit Logging, this is a class aimed developers, architects and security people. There are a lot of products out there that help enterprises manage logs for PCI compliance and such, but there is very little to tell developers and architects how to design interfaces to logging APIs, where to hook them into the applications, what type of events to look for and so on.
I put the class together at the request of one my favorite clients and it looks like something that many large enterprises could benefit from whether they are dealing with PCI compliance or need to improve detection and visibility capabilities at the software level.
Nice. I passed a link to this around. This has everything to do with a presentation I gave just yesterday to 100+ developers.
Posted by: Slonob | November 20, 2009 at 10:02 AM
What are your thoughts on immutable audit logs?
Posted by: Rob Lewis | November 20, 2009 at 04:25 PM
The blog entry after yours (via google reader) had thi quote:
"
*Audit logs from vendor systems may be insufficient to detect misuse of data..."
http://geekdoctor.blogspot.com/2009/11/november-hit-standards-committee.html
Posted by: Dave Tauzell | November 21, 2009 at 09:20 PM
As one of the attendees, I can most certainly say that it was worth the time. Now the more difficult part is in folks from large enterprises realizing they need to take it.
Hopefully you will offer at next OWASP conference and similar events as well...
Posted by: Mcgoverntheory | November 29, 2009 at 02:43 PM