Acra. Features: Logging, audit logging and crypto-signed audit logs

This content originally appeared on DEV Community and was authored by Cossack Labs

Audit logs, or audit trails, capture evidence about any activity in your software solution. They keep records about who did what and the system's response.

💡 From a data security perspective, logs are sensitive data too—they can help to see when a system was compromised, define trust scope, and reconstruct the attack (see NIST SP 800-92).

Have a look at logging in Acra.

Use Acra Community Edition for free. Check out Acra Enterprise Edition tailored for solutions with high security requirements.

8️⃣ Security logs and events

As software that works with sensitive data, Acra produces technical logs on its activity. Acra supports multiple logging formats compatible with popular logging solutions. In addition to logs, Acra supports exporting of metrics and traces.

💡 Acra’s security log is specifically pre-configured to be helpful to SIEM/SOC operators in building analytics and automation around security events.

Read more about Acra’s logs and security events.

Cryptographically signed audit logs

Acra generates audit logs for data-related operations—who access what using which keys.

To ensure that the audit log is secure itself, Acra provides cryptographic protection and validation of exported logs to prevent tampering.

💡 Cryptographic signature protects audit logs from unnoticed adversarial changes.

Each log message contains a special signature that depends on log content and previous log content—thus, creating a chain-of-signed-logs. This logging process guarantees that logs are created one-by-one and depend on each other.

Acra’s cryptographically protected audit log covers access, security events, ties sessions to consumers and extends application-level audit log with strong evidence.

🔥 As you see Acra features cover different risks and threats, while supporting each other in their mission. Combining crypto signed audit logging with ongoing automated verification shortens MTTD and MTTR on potential incidents.

This content originally appeared on DEV Community and was authored by Cossack Labs

Print Share Comment Cite Upload Translate Updates

APA

Cossack Labs | Sciencx (2022-03-31T14:53:33+00:00) Acra. Features: Logging, audit logging and crypto-signed audit logs. Retrieved from https://www.scien.cx/2022/03/31/acra-features-logging-audit-logging-and-crypto-signed-audit-logs/

MLA

" » Acra. Features: Logging, audit logging and crypto-signed audit logs." Cossack Labs | Sciencx - Thursday March 31, 2022, https://www.scien.cx/2022/03/31/acra-features-logging-audit-logging-and-crypto-signed-audit-logs/

HARVARD

Cossack Labs | Sciencx Thursday March 31, 2022 » Acra. Features: Logging, audit logging and crypto-signed audit logs., viewed ,<https://www.scien.cx/2022/03/31/acra-features-logging-audit-logging-and-crypto-signed-audit-logs/>

VANCOUVER

Cossack Labs | Sciencx - » Acra. Features: Logging, audit logging and crypto-signed audit logs. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2022/03/31/acra-features-logging-audit-logging-and-crypto-signed-audit-logs/

CHICAGO

" » Acra. Features: Logging, audit logging and crypto-signed audit logs." Cossack Labs | Sciencx - Accessed . https://www.scien.cx/2022/03/31/acra-features-logging-audit-logging-and-crypto-signed-audit-logs/

IEEE

" » Acra. Features: Logging, audit logging and crypto-signed audit logs." Cossack Labs | Sciencx [Online]. Available: https://www.scien.cx/2022/03/31/acra-features-logging-audit-logging-and-crypto-signed-audit-logs/. [Accessed: ]

rf:citation

» Acra. Features: Logging, audit logging and crypto-signed audit logs | Cossack Labs | Sciencx | https://www.scien.cx/2022/03/31/acra-features-logging-audit-logging-and-crypto-signed-audit-logs/ |

Please log in to upload a file.

There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.