C-007 - Logging & Detection Baseline
Objective
Ensure sufficient visibility to detect suspicious or unauthorized activities.
Type
Detective
Scope
- VPS systems
- Authentication logs
- Application logs
Implementation
- Local logging enabled
- Planned centralization (SIEM)
- Basic log retention
Related Risks
- R-001 - Exposure via misconfiguration
- R-002 - Application compromise
- R-003 - Administrative access compromise
Validation
- Log availability verification
- Manual review of events
Status
Planned
Owner
Sec