Logging Application Security
When investigating a security incident we often struggle to reconstruct what happened because the relevant data was never recorded. The following fields should always be logged and retained so that the actor and the action can be identified later:
- User Id
- Remote IP
- Device fingerprint
- Time
- Action
- Subject of action
There are also some specific paths to fraud that should always be monitored:
- Failed logins
- Successful logins
- Email address change
- Shipping address change
- Credit card change
- Failed credit card validation
- Profile updates
- Purchase history
- Viewing of sensitive data
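The following added example (not code from the original page or the project it belongs to) shows both lists in use: an audit event carrying exactly the six fields above, serialised as one JSON line per event, and two small detectors run over constructed sample events for the fraud paths above, a burst of failed logins and a sensitive profile change shortly after a login from a device the user has never used before. Action names, thresholds, the `known` baseline parameter and all sample values are assumptions chosen for the illustration.

```python
import json
from collections import defaultdict
from dataclasses import dataclass, asdict
from datetime import datetime, timedelta, timezone

# Assumed action names for the fraud paths the page says to monitor.
MONITORED_ACTIONS = {
    "login_failed", "login_success", "email_change", "shipping_address_change",
    "credit_card_change", "credit_card_validation_failed", "profile_update",
    "purchase", "sensitive_data_view",
}
# Changes that are typical account-takeover follow-ups (assumed grouping).
SENSITIVE_CHANGES = {"email_change", "shipping_address_change", "credit_card_change"}


@dataclass(frozen=True)
class AuditEvent:
    """One audit record with the six fields the page says to always log."""
    user_id: str
    remote_ip: str
    device_fingerprint: str
    time: datetime          # always timezone-aware UTC so events sort across hosts
    action: str
    subject: str            # what the action was applied to (field name, order id, ...)


def to_log_line(ev: AuditEvent) -> str:
    """Serialise one event as a single JSON line (easy to ship, index and query)."""
    if ev.action not in MONITORED_ACTIONS:
        raise ValueError(f"unknown action {ev.action!r}")
    d = asdict(ev)
    d["time"] = ev.time.isoformat()
    return json.dumps(d, sort_keys=True)


def from_log_line(line: str) -> AuditEvent:
    """Parse a line written by to_log_line back into an AuditEvent."""
    d = json.loads(line)
    d["time"] = datetime.fromisoformat(d["time"])
    return AuditEvent(**d)


def find_failed_login_bursts(events, threshold=5, window=timedelta(minutes=10)):
    """Return the set of user ids with >= threshold failed logins inside any sliding window."""
    by_user = defaultdict(list)
    for ev in events:
        if ev.action == "login_failed":
            by_user[ev.user_id].append(ev.time)
    flagged = set()
    for uid, times in by_user.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:   # shrink window from the left
                start += 1
            if end - start + 1 >= threshold:
                flagged.add(uid)
                break
    return flagged


def find_new_device_changes(events, known=None, window=timedelta(hours=1)):
    """Return (user_id, action, time) for sensitive changes made within `window` after a
    successful login from a device fingerprint not in that user's baseline (`known`)."""
    known_devices = defaultdict(set, {u: set(f) for u, f in (known or {}).items()})
    new_device_login = {}   # user_id -> time of the latest login from an unseen device
    hits = []
    for ev in sorted(events, key=lambda e: e.time):
        if ev.action == "login_success":
            if ev.device_fingerprint not in known_devices[ev.user_id]:
                new_device_login[ev.user_id] = ev.time
                known_devices[ev.user_id].add(ev.device_fingerprint)
        elif ev.action in SENSITIVE_CHANGES:
            t0 = new_device_login.get(ev.user_id)
            if t0 is not None and ev.time - t0 <= window:
                hits.append((ev.user_id, ev.action, ev.time))
    return hits


T0 = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)


def sample_events():
    """Constructed sample data, not real logs (documentation-range IPs, made-up fingerprints)."""
    evs = []
    for i in range(6):   # alice: six failed logins within three minutes from one IP
        evs.append(AuditEvent("alice", "203.0.113.7", "fp-x1",
                              T0 + timedelta(seconds=30 * i), "login_failed", "password"))
    # bob: login from a never-seen device, then email and shipping changes minutes later
    evs.append(AuditEvent("bob", "198.51.100.2", "fp-new", T0, "login_success", "session"))
    evs.append(AuditEvent("bob", "198.51.100.2", "fp-new", T0 + timedelta(minutes=10),
                          "email_change", "email"))
    evs.append(AuditEvent("bob", "198.51.100.2", "fp-new", T0 + timedelta(minutes=12),
                          "shipping_address_change", "address"))
    # carol: same kind of change, but from her usual device, so it is not flagged
    evs.append(AuditEvent("carol", "192.0.2.9", "fp-carol", T0, "login_success", "session"))
    evs.append(AuditEvent("carol", "192.0.2.9", "fp-carol", T0 + timedelta(minutes=5),
                          "email_change", "email"))
    return evs


if __name__ == "__main__":
    events = sample_events()
    for ev in events:
        print(to_log_line(ev))
    print("failed-login bursts:", find_failed_login_bursts(events))
    print("new-device changes:", find_new_device_changes(events, known={"carol": {"fp-carol"}}))
```

The detectors only work because every event carries the user id, device fingerprint and a comparable timestamp; drop any one of those fields and the burst or new-device correlation cannot be made after the fact, which is the point of logging them up front. The `known` baseline matters as well: without prior history every first login looks like a new device, so in practice it is seeded from earlier successful logins.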