OWASP Top 10: A10 - Insufficient Logging & Monitoring

OWASP 2021    |    Intermediate
  • 11 Videos | 1h 11m 19s
  • Includes Assessment
  • Earns a Badge
Modern web applications can consist of many components, which are often running within application containers. Each component must be monitored to detect intrusions. In this course, you'll learn about various ways monitoring can be enabled in Linux on individual hosts, in Windows, and in cloud computing environments. Next, you'll explore how to forward log entries to a central logging host in Linux and in Windows. You'll then learn how to monitor cloud-based web application performance. Moving on, you’ll examine how to download and configure the Snort IDS by creating IDS rules for Telnet and ICMP network traffic. Lastly, you'll learn how to analyze packet captures for suspicious activity and mitigate monitoring deficiencies.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
  • recognize the importance of logging at all levels, including application logging
  • differentiate between SIEM and SOAR monitoring and incident response solutions
  • configure syslog-ng in Linux to forward log entries to a central logging host
  • monitor web app performance metrics in the cloud
  • describe how intrusion detection and prevention can be deployed and used
  • install the Snort IDS
  • configure and test Snort IDS rules
  • use an online service to analyze a Wireshark packet capture
  • deploy security controls to correct monitoring deficiencies
  • summarize the key concepts covered in this course

IN THIS COURSE

  1. Course Overview (1m 36s)
  2. Logging and Monitoring (7m 41s)
  3. SIEM and SOAR (6m 48s)
  4. Forwarding Log Entries Using syslog-ng (8m 44s)
  5. Enabling Cloud Web Application Performance Monitoring (9m 1s)
  6. Intrusion Detection and Prevention (7m 22s)
  7. Installing the Snort IDS (6m 1s)
  8. Testing Snort IDS Rules (7m)
  9. Analyzing Suspicious Network Traffic Using Wireshark (5m 57s)
  10. Mitigating Monitoring Deficiencies (5m 26s)
  11. Course Summary (1m 12s)

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.