All Collections
Indigo Product Security and Management
Protection against insufficient system logging and monitoring
Protection against insufficient system logging and monitoring
Marie Claire Saliba avatar
Written by Marie Claire Saliba
Updated over a week ago

Logging and monitoring in an application means that every action, login, and data input is recorded and able to be audited. The failure to comprehensively log and monitor every action in an application is “the bedrock of nearly every major incident,” according to OWASP documentation. An unlogged or unmonitored event is considered to be a breach in your system. When breaches go unnoticed, serious damage to data can be inflicted.

Indigo audits all database events. Every successful an unsuccessful login, visited URL, and all records and their creation and modification dates and creator and modifier are audited using auditing for SQL databases and SQL server audits.

How to catch unwanted events in your Indigo system:

  • You can review your own system’s audit log by going to Administration > Audit Log in Indigo. We recommend that you routinely review your system’s audit log to ensure that there are no surprises.

  • Have multiple pairs of trusted eyes monitor audit logs. Generate and print audit log reports for you and your team to review.

Did this answer your question?