Security event logging

Explanation: Provide a tamper-resistant audit trail for security-related events (such as software installation, user authentication, and so on).

Vulnerabilities addressed: Addresses accountability by providing an after-the-fact trail for forensic analysis.

Developer resources required: Requires identification of security-related event types and implementation of tamper-resistant, append-only security event logs.

Evaluator resources required: Requires manual review of the identified security-related event types and of the design and implementation of the logging mechanisms and security event generation mechanisms.
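
One way to implement the tamper-resistant, append-only log described above, as an added example that is not part of the original article: each record carries an HMAC over its own content and the previous record's MAC, so edits, deletions and reordering break the chain. The function names, record fields, event type names and key are assumptions, and the sample events are constructed.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # hypothetical anchor value for the first record


def _mac(key, seq, event, detail, prev):
    # Canonical JSON keeps the MAC input unambiguous across fields.
    body = json.dumps([seq, event, detail, prev], separators=(",", ":"))
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()


def append(log, key, event, detail):
    """Append a record chained to its predecessor; return the new head MAC."""
    prev = log[-1]["mac"] if log else GENESIS
    seq = len(log)
    mac = _mac(key, seq, event, detail, prev)
    log.append({"seq": seq, "event": event, "detail": detail,
                "prev": prev, "mac": mac})
    return mac


def verify(log, key, expected_head=None):
    """Return None if intact, else the index of the first inconsistent record.

    expected_head is the latest MAC as kept off the logging host; without it,
    removal of trailing records is undetectable. A head mismatch returns len(log).
    """
    prev = GENESIS
    for i, rec in enumerate(log):
        want = _mac(key, i, rec["event"], rec["detail"], prev)
        if (rec["seq"] != i or rec["prev"] != prev
                or not hmac.compare_digest(rec["mac"], want)):
            return i
        prev = rec["mac"]
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        return len(log)
    return None


if __name__ == "__main__":
    key = b"constructed-demo-key"  # assumption: real key is not stored with the log
    log = []
    append(log, key, "software_install", "pkg=example-tool")   # constructed events
    head = append(log, key, "user_auth", "user=alice result=success")
    log[0]["detail"] = "pkg=other-tool"                        # simulated tampering
    print("first bad record:", verify(log, key, head))
```

An evaluator reviewing such a design would check that the MAC key and the latest head value are held outside the system being logged, since anyone holding both can rewrite the chain.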



Shahid N. Shah is an internationally recognized and influential cybersecurity and risk management expert. He is a technology strategy consultant to many federal agencies and winner of Federal Computer Week’s coveted “Fed 100” award for his work on the government’s largest secure collaboration space. He’s served as Chief Architect (contractor) for BFELoB and OMB secure collaboration platforms and was responsible for strategy as well as implementation leadership of the government’s largest cross-agency identity management solution focused on multifactor auth/authz and identity assurance. He’s also helped AHIP with cybersecurity strategy development for its member insurers and is the author of the “Cybersecurity Risks” and “Conducting Digital Health Risk Assessments” chapters of the 2015 edition of “Insurance and Risk Management Strategies for Physicians and Advisors” book.