Information Security Leader, Author, Instructor and Speaker

Detecting hack attacks: Application logging is critical

Posted on July 6, 2006 in Articles | by

Application servers house a wealth of valuable data. They store your organization’s Web pages, serve as the gateway to critical data and process sensitive information on a daily basis. They’re also one of the greatest sources of risk to your organization’s information security. Because we’ve built perimeters around our organizations and are pretty good at keeping out traffic that dramatically differs from the accepted profile, we’ve made it too difficult to sneak unwanted protocols through our borders. Therefore, attackers now attempt to tunnel attacks through the protocols that we allow. This has led to the rise of SQL injections, buffer overflows and other application layer attacks, which forces us to revise our logging strategies. While we’ve primarily focused on network-centric attacks in the past, retaining data like firewall alerts and netflow data, we now need to focus on application layer logging.

Read the full article: Detecting hack attacks: Application logging is critical

Published in SearchSecurity on 07/06/06

TAGS: , ,

Leave a Reply

Your email address will not be published. Required fields are marked *