From the course: Secure Coding in Java
Unlock the full course today
Join today to access over 22,500 courses taught by industry experts or purchase this course individually.
Log message leaks - Java Tutorial
From the course: Secure Coding in Java
Log message leaks
- [Instructor] So now we're going to talk about one of the more painful areas of data leakage, and that is log messages. If you've been writing code for any amount of time professionally, you can see how this is a juxtaposition between security and progress, and that's a valid point. Log messages are an invaluable tool for the operations of a system. We need log messages. We need it to track user behavior in our systems, as well as troubleshoot issues. To make operational work more efficient, more information in our logs is better. Now, I'm not saying more log messages. I'm saying more verbose messaging. The more detail we put into a single message, the bigger picture we paint of what is going on at any given time. To add to this mix, we use log aggregations to consolidate all of our logs into one place. This gives us the ability to traverse the logs from multiple systems at once to add clarity to the picture we are…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.