If security-critical actions are not logged, it becomes more difficult to detect threats and conduct post-incident analysis.
Management / Logging / Threats / DEV
Insufficient Logging
CCC.Logging.TH07
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.CP10 | Log Publication | The service automatically publishes structured, verbose records of activities, operations, or events that occur within the service. |
| CCC.Logging.CP01 | Service Log Capture | Ability to capture logs from all relevant cloud services at varying levels of verbosity. |
| CCC.Logging.CP02 | Application Log Ingestion | Support for ingesting logs from custom applications deployed within the cloud environment. |
Related Controls
| ID | Title | Description |
|---|---|---|
| CCC.Logging.CN01 | Centralized and Comprehensive Log Aggregation | Ensure all operational and security logs from across the cloud environment, including applications, operating systems, network traffic, and cloud service activity, are captured automatically and streamed to a central, secure log management service. |
External Mappings
| Framework | ID | Remarks |
|---|---|---|
| OWASPTOP10 | A09:2021 | |
| CWE | CWE-223 | |
| CWE | CWE-778 |