A lack of log analysis and security event monitoring results in security breaches going undetected for long periods of time. This 10-video course explores OWASP Top 10 2017 item A10: Insufficient Logging and Monitoring, and the recommendations for addressing it. Key concepts covered include the details of OWASP Top 10 item A10, which deals with common logging security flaws and insufficient logging and monitoring; how to mitigate insufficient logging and monitoring with an incident response plan; and how to configure Windows Event Viewer log forwarding. Next, you will observe how to configure a Linux environment for centralized logging using rsyslog forwarding; how to build a custom Windows Event Viewer log view; and how to attach a PowerShell script to a specific logged event. Finally, learn how to use a Windows Data Collector Set to establish a performance baseline, and how to use the Windows Performance Monitor tool to create a performance baseline and identify performance anomalies that could indicate security compromises.
OWASP: Top 10 Item A10