
AttritionClient Vital Process Procedure Etc

Samuel Kerr edited this page Mar 13, 2016 · 3 revisions

# Verification

Logging functionality and systems must be included in code review, application testing and security verification processes:

  • Ensure the logging is working correctly and as specified
  • Check events are being classified consistently and the field names, types and lengths are correctly defined to an agreed standard
  • Ensure logging is implemented and enabled during application security, fuzz, penetration and performance testing
  • Test the mechanisms are not susceptible to injection attacks
  • Ensure there are no unwanted side-effects when logging occurs
  • Check the effect on the logging mechanisms when external network connectivity is lost (if this is usually required)
  • Ensure logging cannot be used to deplete system resources, for example by filling up disk space or exceeding database transaction log space, leading to denial of service
  • Test the effect on the application of logging failures such as simulated database connectivity loss, lack of file system space, missing write permissions to the file system, and runtime errors in the logging module itself
  • Verify access controls on the event log data
  • If log data is utilized in any action against users (e.g. blocking access, account lock-out), ensure this cannot be used to cause denial of service (DoS) of other users
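As an added example (not code from this wiki or its project), the following Python check exercises two items from the list above: that untrusted input cannot inject forged log records, and that a failing log sink does not break the application path. The handler, the `BrokenStream` stand-in and the sample inputs are constructed for the example.

```python
import io
import logging
import re

# Control characters (CR, LF, NUL, ESC, ...) let untrusted input forge or split
# log records; each one is replaced with a visible \xNN escape instead.
_CONTROL = re.compile(r"[\x00-\x1f\x7f]")

def sanitize_for_log(value, max_len=200):
    """Neutralise control characters and bound the length of untrusted data."""
    cleaned = _CONTROL.sub(lambda m: "\\x%02x" % ord(m.group(0)), str(value))
    if len(cleaned) > max_len:
        cleaned = cleaned[:max_len] + "[truncated]"
    return cleaned

class ResilientHandler(logging.StreamHandler):
    """Never lets a sink failure reach the caller; failures are counted so that
    monitoring can detect a dead log pipeline rather than silently losing events."""
    def __init__(self, stream):
        super().__init__(stream)
        self.failures = 0

    def emit(self, record):
        try:
            self.stream.write(self.format(record) + "\n")
            self.stream.flush()
        except Exception:
            self.failures += 1  # do not propagate into the application path

class BrokenStream(io.StringIO):
    """Constructed stand-in for a sink whose storage is gone (disk full, DB down)."""
    def write(self, s):
        raise OSError("simulated: log storage unavailable")

def make_logger(name, stream):
    handler = ResilientHandler(stream)
    handler.setFormatter(logging.Formatter("%(levelname)s event=%(event)s user=%(user)s"))
    logger = logging.getLogger(name)
    logger.handlers.clear()
    logger.propagate = False
    logger.setLevel(logging.INFO)
    logger.addHandler(handler)
    return logger, handler

def record_login_failure(logger, username):
    """Application path: log the event with sanitised user input, then carry on."""
    logger.info("", extra={"event": "login_failed", "user": sanitize_for_log(username)})
    return "login rejected"

def run_checks():
    sink = io.StringIO()
    logger, _ = make_logger("verify.inject", sink)
    # Check 1: CR/LF in the username must not produce a second, forged line.
    record_login_failure(logger, "alice\r\nINFO event=login_ok user=admin")
    lines = sink.getvalue().splitlines()
    # Check 2: a failing sink must not break the application and must be counted.
    broken_logger, broken_handler = make_logger("verify.fail", BrokenStream())
    outcome = record_login_failure(broken_logger, "bob")
    return lines, broken_handler.failures, outcome
```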
