Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

remove/merge logging related requirements 11.1.7, 11.1.8, 8.1.4 to V7 #1272

Closed
elarlang opened this issue Apr 28, 2022 · 7 comments
Closed

remove/merge logging related requirements 11.1.7, 11.1.8, 8.1.4 to V7 #1272

elarlang opened this issue Apr 28, 2022 · 7 comments
Assignees
@elarlang
Labels
7) PR in non-master branch V7 Temporary label for grouping logging related issues _5.0 - prep This needs to be addressed to prepare 5.0

Comments

@elarlang
Copy link
Collaborator

Remove requirements 11.1.7 and 11.1.8 from business logic category.

# Description L1 L2 L3 CWE
11.1.7 Verify that the application monitors for unusual events or activity from a business logic perspective. For example, attempts to perform actions out of order or actions which a normal user would never attempt. (C9) 754
11.1.8 Verify that the application has configurable alerting when automated attacks or unusual activity is detected. 390

Those requirements are logging and monitoring requirements and should be covered in those categories or merged to some requirements which are already there.

Also those are quite close to current 8.1.4 (but we can watch 8.1.4 as duplicate of 11.1.2 + 11.1.4 as well):

# Description L1 L2 L3 CWE
8.1.4 Verify the application can detect and alert on abnormal numbers of requests, such as by IP, user, total per hour or day, or whatever makes sense for the application. 770
@elarlang elarlang self-assigned this Apr 28, 2022
This was referenced Apr 28, 2022
Closed
Closed
@elarlang elarlang mentioned this issue Jul 3, 2022
Closed
@tghosth tghosth self-assigned this Dec 7, 2022
@tghosth tghosth added 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet _5.0 - prep This needs to be addressed to prepare 5.0 josh/elar labels Dec 7, 2022
@tghosth
Copy link
Collaborator

tghosth commented Dec 12, 2022

Handle alongside #997. 11.1.7 and 11.1.8 should be moved to V7 and clarified. 8.1.4 should stay where it is as it describes a specific data exfiltration scenario.

@set-reminder 1 week @elarlang to look at this

@octo-reminder
Copy link

octo-reminder bot commented Dec 12, 2022

Reminder
Monday, December 19, 2022 12:00 AM (GMT+01:00)

@elarlang to look at this

@tghosth tghosth removed their assignment Dec 12, 2022
@tghosth tghosth added 3) awaiting proposal There is some discussion in issue and reach to some results but it's not concluded with clear propos and removed 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet josh/elar labels Dec 12, 2022
@elarlang elarlang added the V7 Temporary label for grouping logging related issues label Dec 13, 2022
@elarlang elarlang mentioned this issue Dec 13, 2022
Closed
@octo-reminder
Copy link

octo-reminder bot commented Dec 18, 2022

🔔 @tghosth

@elarlang to look at this

@elarlang elarlang mentioned this issue May 30, 2023
Closed
@tghosth tghosth added 4b Major-rework These issues need to be part of a full chapter rework and removed 3) awaiting proposal There is some discussion in issue and reach to some results but it's not concluded with clear propos labels Jul 10, 2023
@elarlang elarlang mentioned this issue Oct 24, 2023
Closed
@elarlang elarlang mentioned this issue Nov 26, 2023
Closed
@tghosth
Copy link
Collaborator

tghosth commented May 2, 2024

11.1.7 is too much detail so I have added to the logging cheatsheet although I think it still merits its own requirement in V7.2.

Added in: OWASP/CheatSheetSeries#1394

11.1.8 I think merits it's own entry in 7.2 as a concept.

tghosth added a commit that referenced this issue May 2, 2024
@tghosth
Resolve #1272 by moving reqs from bus logic to logging
b1545c2
@tghosth tghosth mentioned this issue May 2, 2024
Merged
@tghosth
Copy link
Collaborator

tghosth commented May 2, 2024

Opened #1945

@tghosth tghosth added 6) PR awaiting review and removed 4b Major-rework These issues need to be part of a full chapter rework labels May 2, 2024
@elarlang
Copy link
Collaborator Author

elarlang commented May 2, 2024

# Description L1 L2 L3 CWE
7.2.5 [MODIFIED, MOVED FROM 11.1.8] Verify that the application has configurable alerting when unusual or malicious activity is detected in the logs. 390

I think we should remove " in the logs" from the requirement.

@tghosth
Copy link
Collaborator

tghosth commented May 2, 2024

Sure, done. Any other comments?

tghosth added a commit that referenced this issue May 2, 2024
@tghosth
Resolve #1272 by moving reqs from bus logic to logging (#1945)
dbe88f9 
* Resolve #1272 by moving reqs from bus logic to logging

* Remove redundant words
@tghosth tghosth closed this as completed in 39979bd May 7, 2024
elarlang pushed a commit to elarlang/ASVS that referenced this issue May 9, 2024
label correction for 11.1.7, 11.1.8 OWASP#1272
251f112
jmanico pushed a commit that referenced this issue May 9, 2024
@elarlang
Asvs label corrections 3 (#1955)
2f6906a 
* label correction for 13.1.1 + 5.5.5, #1538

* label correction for 11.1.7, 11.1.8 #1272

* label correction for 7.2.6 #1890, #1902

* label correction for 13.1.1 + 5.5.5, #1538

---------

Co-authored-by: Elar Lang <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@elarlang elarlang

Labels
7) PR in non-master branch V7 Temporary label for grouping logging related issues _5.0 - prep This needs to be addressed to prepare 5.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tghosth @elarlang