report/v8_error.tex

   1 \begin{enumerate}[label={8.\arabic*}]
   2         \item\pass{} Verify that the application does not output error
   3                 messages or stack traces containing sensitive data
   4                 that could assist an attacker,
   5                 including session id,
   6                 software/framework versions and personal
   7                 information.
   8
   9                 \begin{result}
  10                 \end{result}
  11
  12         \item\pass{} Verify that error handling logic in security controls
  13                 denies access by default.
  14
  15                 \begin{result}
  16                 \end{result}
  17
  18         \item\pass{} Verify security logging controls provide the ability
  19                 to log success and
  20                 particularly failure events that
  21                 are identified as security-relevant.
  22
  23                 \begin{result}
  24                 \end{result}
  25
  26         \item\pass{} Verify that each log event includes necessary
  27                 information that would allow for a detailed
  28                 investigation of the timeline when an event
  29                 happens.
  30
  31                 \begin{result}
  32                 \end{result}
  33
  34         \item\pass{} Verify that all
  35                 events that include untrusted data
  36                 will not execute as code in the intended log
  37                 viewing software.
  38
  39                 \begin{result}
  40                 \end{result}
  41
  42         \item\pass{} Verify that security logs are protected from
  43                 unauthorized access and modification.
  44
  45                 \begin{result}
  46                 \end{result}
  47
  48         \item\pass{} Verify that the application does not log
  49                 sensitive
  50                 data as defined under local privacy laws or
  51                 regulations, organizational sensitive data as
  52                 defined by a risk assessment, or sensitive
  53                 authentication data that could assist an attacker,
  54                 including user's session identifiers, passwords,
  55                 hashes, or AP
  56                 I tokens.
  57
  58                 \begin{result}
  59                 \end{result}
  60
  61         \item\pass{} Verify that all non-printable symbols and field
  62                 separators are properly encoded in log entries, to
  63                 prevent log injection.
  64
  65                 \begin{result}
  66                 \end{result}
  67
  68         \item\pass{} Verify that log fields from trusted and untrusted
  69                 sources are distinguishable in log entries.
  70
  71                 \begin{result}
  72                 \end{result}
  73
  74         \item\pass{} Verify that an audit log or similar allows for non-repudiation of key transactions.
  75
  76                 \begin{result}
  77                 \end{result}
  78
  79         \item\pass{} Verify that security logs have some form of
  80                 integrity checking or controls to prevent
  81                 unauthorized modification.
  82
  83                 \begin{result}
  84                 \end{result}
  85
  86         \item\pass{} Verify that the
  87                 logs are stored on a different
  88                 partition than the application is running with
  89                 proper log rotation.
  90
  91                 \begin{result}
  92                 \end{result}
  93
  94         \item\pass{} Time sources should be synchronized to ensure
  95                 logs have the correct time.
  96
  97                 \begin{result}
  98                 \end{result}
  99 \end{enumerate}