PR.PS-04.250

Are all operating systems, applications, and services (including cloud-based services) configured to generate appropriate log records?

Explanation

Log generation is a fundamental security control that provides visibility into system activities, user actions, and potential security incidents. Without proper logging configured across all systems, it becomes extremely difficult to detect unauthorized access, investigate security incidents, or maintain an audit trail for compliance purposes. Evidence of fulfillment could include a logging configuration standard document, screenshots of logging settings from representative systems, or output from an automated configuration management tool showing logging parameters across the environment.

Implementation Example

Configure all operating systems, applications, and services (including cloud-based services) to generate log records

ID: PR.PS-04.250

Context

Function
PR: PROTECT
Category
PR.PS: Platform Security
Sub-Category
Log records are generated and made available for continuous monitoring

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Signature
Neil Cameron
Founder, ResponseHub
Neil Cameron