Store logs based on valid regulation

Summary

The organization must store logs, at least, from the ocurrency of the event on the system to the time stipulated by valid regulation for that specific system.

Description

The organization must take into account the regulations that apply to its systems. Different regulations and standards may have specific requirements for log retention periods.

Supported In

This requirement is verified in following services

Plan	Supported
Essential	🟢
Advanced	🟢

References

• CIS-8_5. Collect detailed audit logs
• OWASP TOP 10-A9. Security logging and monitoring failures
• CPRA-1798_104. Compliance with right to know and disclosure requirements
• NYDFS-500_6. Audit trail
• NYDFS-500_5. Penetration testing and vulnerability assessments
• PA-DSS-4_1. Log all user access and be able to link all activities to individual users
• PA-DSS-4_4. Facilitate centralized logging
• PDPO-5_27. Log book to be kept by data user
• CMMC-AC_L2-3_1_12. Control remote access
• CMMC-AU_L2-3_3_1. System audit
• HITRUST CSF-01_p. Secure log-on procedures
• HITRUST CSF-06_c. Protection of organizational records
• HITRUST CSF-09_ab. Monitoring system use
• HITRUST CSF-13_s. Privacy monitoring and auditing
• FedRAMP-AU-3_2. Centralized management of planned audit record content
• ISO/IEC 27002-5_28. Collection of evidence
• ISO/IEC 27002-5_33. Protection of records
• ISO/IEC 27002-8_15. Logging
• ISA/IEC 62443-UC-2_9. Audit storage capacity
• ISA/IEC 62443-SI-3_9. Protection of audit information
• OSSTMM3-9_17_2. Wireless security (alert and log review) - Storage and retrieval
• OSSTMM3-11_17_2. Data networks security (alert and log review) - Storage and retrieval
• ISSAF-G_12. Network security - Firewalls (port redirection)
• NIST 800-115-3_2. Log review
• OWASP ASVS-7_1_2. Log content
• C2M2-6_1_c. Detect cybersecurity events
• OWASP ASVS-2_8_5. One time verifier
• ISO/IEC 27001-5_28. Collection of evidence
• ISO/IEC 27001-5_33. Protection of records
• ISO/IEC 27001-8_15. Logging
• CASA-2_8_5. One Time Verifier
• CASA-7_1_2. Log Content
• Resolution SB 2021 2126-Art_26_11_g. Information Security
• Resolution SB 2021 2126-Art_26_11_o. Information Security
• Resolution SB 2021 2126-Art_27_17. Security in Electronic Channels
• Resolution SB 2021 2126-Art_27_18. Security in Electronic Channels
• NIST CSF-PR_PS-04. Log records are generated and made available for continuous monitoring
• NIST CSF-DE_CM-03. Personnel activity and technology usage are monitored to find potentially adverse events
• NIST CSF-RS_AN-07. Incident data and metadata are collected, and their integrity and provenance are preserved

Vulnerabilities

• 400. Traceability Loss - AWS
• 402. Traceability Loss - Azure
• 419. Traceability Loss - Kubernetes

free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.