audit-logging
Safeguard articles tagged "audit-logging" — guides, analysis, and best practices for software supply chain and application security.
6 articles
Designing tamper-evident CloudTrail logging across an AWS organization
AWS CloudTrail's default event history holds only 90 days. A centralized, hash-validated org trail is what actually survives an incident or an audit.
The four pillars every enterprise security program needs
Identity, patching, segmentation, and logging aren't a checklist — they're the four controls that determine whether a breach stays contained or becomes Log4Shell.
Securing the Kubernetes API Server
The API server is the front door to your cluster — every kubectl command, controller, and kubelet talks to it. If it is misconfigured, nothing else you harden matters. Here is how to lock it down.
How to set up AWS CloudTrail logging
A step-by-step guide to setting up AWS CloudTrail logging, enabling it across all regions, validating log integrity, and building a solid audit logging setup.
How to meet SOC 2 audit logging requirements
A step-by-step guide to meeting SOC 2 audit logging requirements: what to log, retention, access controls, alerting, and how to verify your controls before an audit.
CI/CD Pipeline Audit Logging: What to Capture and Why
Your CI/CD pipeline is a high-value target. Without proper audit logging, you will not know when it has been compromised until it is too late.