[Owasp-appsensor-project] Additional Detection Points - Violation of Security Log Integrity
jtmelton at gmail.com
Wed Jun 9 21:52:10 EDT 2010
+1 for me
On Wed, Jun 9, 2010 at 10:39 AM, Colin Watson <colin.watson at owasp.org> wrote:
> On 9 June 2010 15:29, John Melton <jtmelton at gmail.com> wrote:
>> is this presumably to catch log forging attempts?
> Yes preventing insertion of entries and corruption of the log, but
> also prevention of record deletion and detection of changes to log
> entries. AppSensor will rely on the accuracy of "log" data to make
> decisions when thresholds are reached, and therefore I thought
> protecting this source data is important - a bit of self-protection.
More information about the Owasp-appsensor-project