Introduction to A10: Insufficient Logging & Monitoring
Insufficient Logging and Monitoring, listed as A10 in the OWASP Top 10 for 2017, refers to the failure to detect, log, and respond to security events effectively. Without proper logging and monitoring, attacks can go unnoticed, giving attackers more time to exploit systems or exfiltrate data. This includes missing audit trails, poor alerting, or not reviewing logs regularly. It also affects incident response, as teams may lack the visibility needed to understand or contain an attack. To improve security, applications should log critical events, monitor them actively, and ensure alerts trigger timely investigation and response.
