If security critical audit events are not logged then it increases the difficulty to detect threats and perform post incident analysis.
Management / Auditlog / Threats / DEV
Insufficient Audit Logs
CCC.AUDITLOG.TH01
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.CP03 | Access Log Publication | The service automatically publishes structured, verbose records of activities performed within the scope of the service by external actors. |
| CCC.Core.CP10 | Log Publication | The service automatically publishes structured, verbose records of activities, operations, or events that occur within the service. |
External Mappings
| Framework | ID | Remarks |
|---|---|---|
| OWASPTOP10 | A09:2021 | |
| CWE | CWE-778 | |
| CWE | CWE-223 |