API 10:2019 - Insufficient logging and monitoring

Lack of proper logging, monitoring, and alerting allows attacks and attackers to go unnoticed.

Proper logging, monitoring, and alerting provide visibility into what is happening with your API.

Use case

  • Logs are not protected for integrity.
  • Logs are not integrated into Security Information and Event Management (SIEM) systems.
  • Logs and alerts are poorly designed.
  • Companies rely on manual rather than automated systems.

How to prevent

  • Log failed attempts, denied access, input validation failures, or any failures in security policy checks.
  • Ensure that logs are formatted so that other tools can consume them as well.
  • Protect logs like highly sensitive information.
  • Include enough detail to identify attackers.
  • Avoid having sensitive data in logs; if you need the information for debugging purposes, redact it partially.
  • Integrate with SIEMs and other dashboards, monitoring, and alerting tools.
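The prevention list above, as an added example that is not part of the OWASP text: a small Python security-event logger that records failed attempts and policy denials with enough source detail to identify the caller, partially redacts sensitive fields, emits one JSON line per event for a SIEM, and chains an HMAC over each record so edits or deletions are detectable. The field names, key and sample requests are constructed assumptions.

```python
import hashlib
import hmac
import json
import time

LOG_KEY = b"constructed-demo-key"  # constructed; in practice fetched from a secret store
SENSITIVE_FIELDS = {"password", "token", "authorization", "card_number"}


def redact(value) -> str:
    """Keep only the last 4 characters: enough to correlate, not enough to reuse."""
    s = str(value)
    return "*" * (len(s) - 4) + s[-4:] if len(s) > 4 else "****"


def scrub(payload: dict) -> dict:
    """Partially redact sensitive keys so debugging detail survives without leaking secrets."""
    return {k: (redact(v) if k.lower() in SENSITIVE_FIELDS else v) for k, v in payload.items()}


class SecurityEventLog:
    """Append-only JSON-lines log; each record carries an HMAC chained to the previous one."""
    def __init__(self, key: bytes):
        self.key = key
        self.records = []
        self.prev_mac = "0" * 64  # genesis value for the first record

    def _mac(self, entry: dict) -> str:
        body = json.dumps({k: v for k, v in entry.items() if k != "mac"}, sort_keys=True)
        return hmac.new(self.key, body.encode(), hashlib.sha256).hexdigest()

    def record(self, event: str, request: dict, outcome: str) -> str:
        entry = {
            "ts": time.time(),
            "event": event,            # e.g. auth_failure, input_validation_failure, policy_denied
            "outcome": outcome,
            "src_ip": request.get("src_ip"),
            "request_id": request.get("request_id"),
            "path": request.get("path"),
            "details": scrub(request.get("body", {})),
            "prev_mac": self.prev_mac,
        }
        entry["mac"] = self.prev_mac = self._mac(entry)
        self.records.append(entry)
        return json.dumps(entry, sort_keys=True)  # one JSON line, ready for a SIEM to ingest

    def verify(self) -> bool:
        """Recompute the chain; an edited, reordered or deleted record breaks it."""
        prev = "0" * 64
        for e in self.records:
            if e["prev_mac"] != prev or not hmac.compare_digest(self._mac(e), e["mac"]):
                return False
            prev = e["mac"]
        return True
```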
