Secure Logging

Periood: 1.0 päeva
Seda koolitust hetkel planeeritakse. Palun võtke meiega ühendust.


Contents of the training

This training is based on the most frequently occurring security issues in logging implementations and solutions that our team has encountered over years of application penetration testing and other related experiences when working with logs.

Some of the issues we tend to often see can be exploited for log evasion, tampering logs integrity and attacking log viewers. During the training all of the attacks are explained in theory and then immediately practiced in our hands-on lab environment. Naturally, relevant defence methods are also explained.

Hands-on labs are based on web application and server logs, but the concepts can be applied much wider to the overall topic of working with logs. 

The main topics covered are:

  • Log evasion - techniques how to avoid being logged. This includes HTTP parameter pollution, relocating parameters in HTTP request and hiding attack payloads using XSS.
  • Attacking text- and web-based log viewers using XSS, special UTF characters, field and entry separators, bi-directional text.
  • Attacking command-line log viewers using special characters and terminal injection.
  • Log tampering using log injection.
  • Faking IP-addresses in log files by using special headers in queries.
  • Various topics about what to log, when to log, what are the mandatory fields in log files, etc. 
  • For each attack vector possible defence methods are also introduced.

Training methods

Trainer will engage participants with lectures, live attack demonstrations and practical examples followed by individual hands-on exercise scenarios. Training is interactive, practical, and besides active participation also full of attack stories that help to change the perspective and understanding of real life security threats.

Intended outcome

The main outcome is to help trainees understand different possible attacks that can be conducted towards logs or by using logs; how to defend themselves against such threats and also the importance of logging certain data, so that resulting logs would be most beneficial when solving possible security incidents.


We can deliver on-site at group pricing anywhere in the world where decent broadband connection is available. Ask us for the group pricing or for times and locations of our public courses. Public groups are currently available directly or via partners in: Estonia, Finland, Lithuania.

Registreerimine on siduv. Juhul kui registreerinud ei saa osaleda, saab tema asemel saata uue inimese. Kui osalemise registreering tühistatakse vähem kui 14 päeva enne kursuse toimumise algust, tagastatakse 50% kursuse hinnast. Kui kursusele registreerinu ei ilmu koolitusele eelnevalt teavitades, maksustatakse osalejat kogu kursuse hinnaga. Tühistamistasud kehtivad ka haigusjuhtude korral.

Soovite lisada enda koolituse või sündmuse keskkonda?

Võta ühendust!