Elevator Pitch
We’re all told to log events in our applications. Why? And how can you do it securely? Let’s review what app event logs are and why you need them, and then we’ll see some guidance on best practices for logging without giving attackers a surface to start a campaign.
Description
We’re all told to log events in our applications. Why? And how can you do it securely? Let’s review what app event logs are and why you need them, and then we’ll see some guidance on best practices for logging without giving attackers a surface to start a campaign.
Notes
I’ve done this talk as an ignite (https://speaking.nimbinatus.com/NJt8rZ/alls-fair-in-logs-and-war-the-importance-of-application-event-logging). I’d love to take it one step further and do a full talk on the topic.
Also, just as a side note, while I do work for a logging management provider, I will not be mentioning LogDNA in my talk other than saying I work there in an intro (I probably will be wearing a LogDNA shirt, though, and may have their logo on my slides somewhere tiny since they’d be paying for me to be there). I want to make clear that this isn’t a vendor pitch. I just like to talk about logging, data, and devops.